Roy Urrico | September 02, 2016

Phishing Attacks on the Rise, Human Error to Blame

Many of the cybersecurity threats prevalent today such as oversharing on social media, unsafe use of Wi-Fi, and company confidential data exposure contributes to the  ever-growing problem of phishing.

Pittsburgh-based cybersecurity firm Wombat Security Technologies’ Beyond the Phish Reportanalyzed nearly 20 million questions and answers from their survey for this report. The report delved into how well end users are able to identify and manage security threats within an enterprise.

News and headlines, as well as numerous studies, have proven that phishing attacks are on the rise, and Wombat said its survey of security professionals showed the same. The threat of phishing attacks is real. In the last year, the list of organizational phishing victims increased by 13% to 85%, and 60% of enterprises said the phishing attack rate increased overall.

“Clearly, phishing is a focus area across the industry, but the efforts can’t stop there,” Joe Ferrara, president and CEO of Wombat said. “To reduce cyberrisk in organizations, security education programs must teach and assess end users across many topic areas, like oversharing on social media and proper data handling. Many of these risky behaviors exacerbate the phishing problem.”

Social Media plays a big part in our lives but end users struggled here the most, missing 31% of the questions we asked them around what they should and should not do to keep themselves and their organizations safe.

“What’s more, in our survey of security professionals, we found that only about half are assessing users around this topic. Most companies allow social media access on work devices while admitting they are not very confident that their employees know what to do to keep their organization safe,” the report revealed.

The report also disclosed that not only is there room for improvement in protecting organizations against phishing attacks but in simply recognizing the existing dangers. Other key findings include:

  • End users missed 30% of questions about protecting and disposing of data securely, second only to safe social media use.
  • Professional services and healthcare employees performed the lowest on the nearly 1 million questions asked about safe passwords.
  • Healthcare industry had the highest assessment percentage of end users' ability to protect confidential information with 31% of questions on the topic missed by those in that industry. The financial section weighed in at 22%.

Wombat suggested with the rise in the remote workforce and end users who value the ability to work outside of the office, organizations need to educate their employees on how to stay safe while they are outside the office. Improper use of free Wi-Fi, inattention to physical security, lax data protections, and the lack of security guidelines during travel led to 26% of questions missed by end users on this important topic.

Read the article on Credit Union Times