CyberSecurityBoard
Sponsor Register Login

Email Nightmare: 94% of Firms Hit by Phishing Attacks in 2023

Email security remained top of mind for cybersecurity professionals in 2023 as over nine in ten cyber decision-makers had to deal with a phishing attack, according to email security provider Egress.
This is up 2% from the previous year, Egress' Email Security Risk Report 2024 found.
The top three phishing techniques used throughout 2023 were malicious URLs, malware or ransomware attachments and attacks sent from compromised accounts.
Phishing threat actors became more efficient, with 96% of targeted organizations negatively impacted by these attacks, compared with 86% during the previous year.
58% of organizations suffered account takeovers in 2023, of which 79% came from credentials harvested through phishing.
The report also shows that cybersecurity leaders are aware that phishing is a serious concern for their businesses.
A staggering 95% of them said they are stressed about email security.
Many cybersecurity leaders question how efficient their cybersecurity defenses against email-based attacks are.
Of those who use a secure email gateway, 91% expressed frustration with it and 87% are considering replacing their SEG or have already done so.
This frustration is sometimes passed on to staff, with cybersecurity leaders taking a tough stance on employees.
The study has found that among employees who fell for a phishing attack, 51% were disciplined, 39% were fired, and 27% voluntarily left their jobs.
This is despite a lack of efficient training provided to staff, the report highlighted.
Overall, 91% of cybersecurity leaders have doubts about the effectiveness of traditional training.
In most cases, training is not tailored to the workforce, with only 19% of organizations delivering security awareness training that reflects on the department or team that employees work in.
Instead, training is frequently seen as a checkbox exercise - for compliance purposes only in 88% of cases.
The survey data for this report was compiled from 500 cybersecurity leaders, including CISOs and CIOs, from the US, UK, and Australia, and working in the financial services, legal, healthcare, and government or charitable sectors.
All respondents used Microsoft 365 as their operating system and were responsible for email security.
The survey data was supplemented by platform data generated by Egress Defend and Egress Prevent.


This Cyber News was published on www.infosecurity-magazine.com. Publication date: Tue, 16 Jan 2024 13:55:04 +0000


Cyber News related to Email Nightmare: 94% of Firms Hit by Phishing Attacks in 2023

Law Firms and Legal Departments Get Singled Out For Cyberattacks - Cyberattackers are doubling down on their attacks against law firms and corporate legal departments, moving beyond their historical activity of hacking and leaking secrets to targeting the sector with financial attacks, such as ransomware and ...
1 year ago Darkreading.com
How Cybersecurity for Law Firms has Changed - The public nature of the legal system makes law firms particularly vulnerable to a growing number of cybersecurity risks. Law firms have unique access to highly confidential client information and as a result, face a growing number of federal, ...
1 year ago Securityboulevard.com
The 6 Best Email Security Software & Tools of 2024 - To guarantee full protection against email threats, important features to consider when picking an email security solution include email filtering and spam detection, sandboxing, mobile support, advanced machine learning, and data loss prevention. ...
4 months ago Esecurityplanet.com
Spear Phishing vs Phishing: What Are The Main Differences? - Almost half of them used phishing to obtain the passwords of users. Highly targeted phishing campaigns against specific individuals or types of individuals are known as spear phishing. It's important to be able to spot phishing in general. For ...
1 year ago Techrepublic.com
Combat Phishing Attacks With AI-Powered Threat Protection - According to statistics, 81% of organizations have seen an increase in phishing emails since 2020, with an estimated 3.4 billion emails sent every day. AI-generated phishing emails are a sophisticated and evolving cybersecurity threat. ...
1 year ago Gbhackers.com
What SOCs Need to Know About Water Dybbuk - According to the Federal Bureau of Investigation, BEC costs victims more money than ransomware, with an estimated US$2.4 billion being lost to BEC in the US in 2021. Recently, BEC scammers have been using stolen accounts from legitimate Simple Mail ...
2 years ago Trendmicro.com
Flipping the BEC funnel: Phishing in the age of GenAI - For years, phishing was just a numbers game: A malicious actor would slap together an extremely generic email and fire it out to thousands of recipients in the hope that a few might take the bait. Common among these new techniques was a shift towards ...
1 year ago Helpnetsecurity.com
The Future of Phishing Email Training for Employees in Cybersecurity - One common method they use is through phishing emails. To counter this changing threat, companies must give importance to providing phishing email training for employees on identifying and responding properly to phishing attempts. Standard training ...
9 months ago Hackread.com
Email Security Trends And Predictions in 2024 - One of the most critical aspects of this broad topic is email security. Email security refers to the collective measures used to secure the access and content of an email account or service. An email service provider implements email security to ...
1 year ago Cybersecuritynews.com
Law Firms are Raising the Bar on Cybersecurity - Corresponding with recent increases in threat actor activity in the legal industry, law firms are investing more time and attention in modernizing security operations. Both midsize and large law firms are increasingly engaging with cybersecurity ...
2 years ago Bluevoyant.com
Business Email Compromise Scams: Prevention and Response - We will also highlight red flags to watch out for in suspicious emails, emphasizing the importance of implementing robust email authentication methods and comprehensive employee training programs to enhance awareness and response capabilities. BEC ...
1 year ago Securityzap.com
Email Nightmare: 94% of Firms Hit by Phishing Attacks in 2023 - Email security remained top of mind for cybersecurity professionals in 2023 as over nine in ten cyber decision-makers had to deal with a phishing attack, according to email security provider Egress. This is up 2% from the previous year, Egress' Email ...
1 year ago Infosecurity-magazine.com
Phishing Campaign Exploits Open Redirection Vulnerability In 'Indeed.com' - Phishing remains one of the most prevalent challenges facing organisations, with more than three billion malicious emails estimated to be sent around the world every day. Owing to the prevalence of the problem, Verizon's 2023 Data Breach ...
11 months ago Cyberdefensemagazine.com
One Phish, Two Phish, Red Phish, Blue Phish - I sat down for a chat with George Skouroupathis, our phishing expert at Resonance Security. Phishing is often the first step taken by hackers in a larger scam. There are lots of different kinds of phishing attacks, but one of the most prevalent is ...
8 months ago Hackread.com
ACDS Unveils Tailored Email Security Essentials Package for SMBs to Protect from Malicious Communications - Email is the most common attack vector for cybercriminals, in fact the overwhelming majority of malware-related security incidents are delivered via email. It's no surprise that email security is at the forefront of many business leader's minds. In ...
1 year ago Itsecurityguru.org
ACDS Unveils Tailored Email Security Essentials Package for SMBs to Protect from Malicious Communications - Email is the most common attack vector for cybercriminals, in fact the overwhelming majority of malware-related security incidents are delivered via email. It's no surprise that email security is at the forefront of many business leader's minds. In ...
1 year ago Itsecurityguru.org
Ransomware, Data Breaches Inundate OT & Industrial Sector - Three-quarters of industrial firms suffered a ransomware attack in the past year, with far more compromises affecting operational technology than ever before - representing a surge in attacks driven by both the industrial sector's vulnerability and ...
1 year ago Darkreading.com
"Quishing" you a Happy Holiday Season - QR Code phishing scams - What they are and how to avoid them. Originally invented to keep track of car parts in the early 90s, QR codes have been around for decades. Quishing, or QR Code phishing, exploits smartphone users scanning the 2D barcode, ...
1 year ago Netcraft.com
Security Boulevard - With the rising volume of fraudulent emails and AI-enhanced phishing scams, industry giants such as Google, Yahoo, and Microsoft have doubled their email security efforts. DMARC builds on two existing email authentication technologies: Sender Policy ...
1 year ago Securityboulevard.com
Vade Releases 2023 Phishers' Favorites Report - PRESS RELEASE. SAN FRANCISCO, Feb. 15, 2024 /PRNewswire/ - Vade, a global leader in threat detection and response with more than 1.4 billion mailboxes protected, today announced its annual Phishers' Favorites report for 2023. Phishers' Favorites ...
1 year ago Darkreading.com
QR Code 'Quishing' Attacks on Execs Surge, Evading Email Security - Email attacks relying on QR codes surged in the last quarter, with attackers specifically targeting corporate executives and managers, reinforcing recommendations that companies place additional digital protections around their business leadership. ...
1 year ago Darkreading.com
A Comprehensive Look at the Financial Firms in European Union and Their Rules on Cloud-Based Services - Today's technology has opened up a world of possibilities for financial firms, especially with cloud-based services. Financial institutions are now able to access a great deal of information over the internet in an efficient and timely manner. ...
2 years ago Tripwire.com
Essential Email and Internet Safety Tips for College Students - Your email is one of the most important digital assets and identities because it helps you create accounts on other platforms. Securing your email requires you to pay attention to your passwords, gadgets, and the links you engage with. The places you ...
1 year ago Securityboulevard.com
Beware: PayPal "New Address" feature abused to send phishing emails - The email includes the new address that was allegedly added to your PayPal account, including a message claiming to be a purchase confirmation for a MacBook M4, and to call the enclosed PayPal number if you did not authorize the purchase. The goal of ...
14 hours ago Bleepingcomputer.com
Secure email gateways struggle to keep pace with sophisticated phishing campaigns - In 2023, malicious email threats bypassing secure email gateways increased by more than 100%, according to Cofense. In just two years, Cofense identified over 1.5 million malicious emails bypassing their customers' SEGs, signaling a 37% increase in ...
1 year ago Helpnetsecurity.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)