At this point, you're probably aware that phishing attacks are trending upwards. You may also be aware that many businesses encounter phishing attacks every day -- and that a single phishing attack can cost a company millions of dollars. But phishing attacks have become so ubiquitous that many companies are not taking steps to protect themselves, instead simply counting on their security and their luck. Here are a few startling phishing attack statistics that may change your mind and spur you into action.
Phishing Attacks Statistics
1. 85% of organizations have suffered from phishing attacks. Phishing attacks are everywhere, and most organizations will encounter them at one point or another. Companies need to be exceptionally vigilant to avoid the worst consequences of a phishing attack.
2. Phishing is the #1 delivery method for other types of malicious software. A phishing attack isn't just targeted at gaining information. Phishing attacks can also be used to distribute malicious programs, such as ransomware. Email attachments are still the main method of delivery for malicious programs.
3. Phishing increased by 250% in the first quarter of 2016 alone. Phishing isn't just trending upwards -- it's increasing by leaps and bounds. With as many phishing attempts as there now are, it becomes very difficult for employees to avoid them all.
4. 97% of users are not able to identify a sophisticated phishing email. Many phishing attacks are fairly rudimentary. But when they are targeted appropriately and sent to the right person, they can be virtually unidentifiable.
5. A single spear phishing attack costs an average of $1.6 million. Spear phishing involves a phishing attempt that appears to come from a known and trusted sender. Just one of these attacks could cost a business over $1.5 million.
6. A full third of organizations report that they were victims of whaling. 2016, in particular, saw an increase in emails that spoofed the identity of CEOs and other members of the C-suite. Many of these highly publicized attacks were targeted at getting personal and financial information, such as W2s and bank accounts.
7. Only 3% of users report phishing emails to their management. You could already have been the target of a phishing attempt and not realize it. Most users simply delete suspicious emails and forget they exist -- leaving other users vulnerable.
Phishing attacks don't have to be just a reality that modern corporations have to deal with. You can defend against them -- you just need the right technology and the right training. At CWPS, we offer not only completely managed security solutions, but also comprehensive KnowBe4-powered training, seminars, and simulations.