CyberSecurityBoard
Sponsor Register Login

Email Nightmare: 94% of Firms Hit by Phishing Attacks in 2023

Email security remained top of mind for cybersecurity professionals in 2023 as over nine in ten cyber decision-makers had to deal with a phishing attack, according to email security provider Egress.
This is up 2% from the previous year, Egress' Email Security Risk Report 2024 found.
The top three phishing techniques used throughout 2023 were malicious URLs, malware or ransomware attachments and attacks sent from compromised accounts.
Phishing threat actors became more efficient, with 96% of targeted organizations negatively impacted by these attacks, compared with 86% during the previous year.
58% of organizations suffered account takeovers in 2023, of which 79% came from credentials harvested through phishing.
The report also shows that cybersecurity leaders are aware that phishing is a serious concern for their businesses.
A staggering 95% of them said they are stressed about email security.
Many cybersecurity leaders question how efficient their cybersecurity defenses against email-based attacks are.
Of those who use a secure email gateway, 91% expressed frustration with it and 87% are considering replacing their SEG or have already done so.
This frustration is sometimes passed on to staff, with cybersecurity leaders taking a tough stance on employees.
The study has found that among employees who fell for a phishing attack, 51% were disciplined, 39% were fired, and 27% voluntarily left their jobs.
This is despite a lack of efficient training provided to staff, the report highlighted.
Overall, 91% of cybersecurity leaders have doubts about the effectiveness of traditional training.
In most cases, training is not tailored to the workforce, with only 19% of organizations delivering security awareness training that reflects on the department or team that employees work in.
Instead, training is frequently seen as a checkbox exercise - for compliance purposes only in 88% of cases.
The survey data for this report was compiled from 500 cybersecurity leaders, including CISOs and CIOs, from the US, UK, and Australia, and working in the financial services, legal, healthcare, and government or charitable sectors.
All respondents used Microsoft 365 as their operating system and were responsible for email security.
The survey data was supplemented by platform data generated by Egress Defend and Egress Prevent.


This Cyber News was published on www.infosecurity-magazine.com. Publication date: Tue, 16 Jan 2024 13:55:04 +0000


Cyber News related to Email Nightmare: 94% of Firms Hit by Phishing Attacks in 2023

Law Firms and Legal Departments Get Singled Out For Cyberattacks - Cyberattackers are doubling down on their attacks against law firms and corporate legal departments, moving beyond their historical activity of hacking and leaking secrets to targeting the sector with financial attacks, such as ransomware and ...
7 months ago Darkreading.com
How Cybersecurity for Law Firms has Changed - The public nature of the legal system makes law firms particularly vulnerable to a growing number of cybersecurity risks. Law firms have unique access to highly confidential client information and as a result, face a growing number of federal, ...
6 months ago Securityboulevard.com
Spear Phishing vs Phishing: What Are The Main Differences? - Almost half of them used phishing to obtain the passwords of users. Highly targeted phishing campaigns against specific individuals or types of individuals are known as spear phishing. It's important to be able to spot phishing in general. For ...
5 months ago Techrepublic.com
Combat Phishing Attacks With AI-Powered Threat Protection - According to statistics, 81% of organizations have seen an increase in phishing emails since 2020, with an estimated 3.4 billion emails sent every day. AI-generated phishing emails are a sophisticated and evolving cybersecurity threat. ...
5 months ago Gbhackers.com
What SOCs Need to Know About Water Dybbuk - According to the Federal Bureau of Investigation, BEC costs victims more money than ransomware, with an estimated US$2.4 billion being lost to BEC in the US in 2021. Recently, BEC scammers have been using stolen accounts from legitimate Simple Mail ...
1 year ago Trendmicro.com
Flipping the BEC funnel: Phishing in the age of GenAI - For years, phishing was just a numbers game: A malicious actor would slap together an extremely generic email and fire it out to thousands of recipients in the hope that a few might take the bait. Common among these new techniques was a shift towards ...
5 months ago Helpnetsecurity.com
The Future of Phishing Email Training for Employees in Cybersecurity - One common method they use is through phishing emails. To counter this changing threat, companies must give importance to providing phishing email training for employees on identifying and responding properly to phishing attempts. Standard training ...
1 month ago Hackread.com
Law Firms are Raising the Bar on Cybersecurity - Corresponding with recent increases in threat actor activity in the legal industry, law firms are investing more time and attention in modernizing security operations. Both midsize and large law firms are increasingly engaging with cybersecurity ...
1 year ago Bluevoyant.com
Email Security Trends And Predictions in 2024 - One of the most critical aspects of this broad topic is email security. Email security refers to the collective measures used to secure the access and content of an email account or service. An email service provider implements email security to ...
7 months ago Cybersecuritynews.com
Business Email Compromise Scams: Prevention and Response - We will also highlight red flags to watch out for in suspicious emails, emphasizing the importance of implementing robust email authentication methods and comprehensive employee training programs to enhance awareness and response capabilities. BEC ...
5 months ago Securityzap.com
Email Nightmare: 94% of Firms Hit by Phishing Attacks in 2023 - Email security remained top of mind for cybersecurity professionals in 2023 as over nine in ten cyber decision-makers had to deal with a phishing attack, according to email security provider Egress. This is up 2% from the previous year, Egress' Email ...
5 months ago Infosecurity-magazine.com
One Phish, Two Phish, Red Phish, Blue Phish - I sat down for a chat with George Skouroupathis, our phishing expert at Resonance Security. Phishing is often the first step taken by hackers in a larger scam. There are lots of different kinds of phishing attacks, but one of the most prevalent is ...
1 month ago Hackread.com
Phishing Campaign Exploits Open Redirection Vulnerability In 'Indeed.com' - Phishing remains one of the most prevalent challenges facing organisations, with more than three billion malicious emails estimated to be sent around the world every day. Owing to the prevalence of the problem, Verizon's 2023 Data Breach ...
3 months ago Cyberdefensemagazine.com
Ransomware, Data Breaches Inundate OT & Industrial Sector - Three-quarters of industrial firms suffered a ransomware attack in the past year, with far more compromises affecting operational technology than ever before - representing a surge in attacks driven by both the industrial sector's vulnerability and ...
7 months ago Darkreading.com
ACDS Unveils Tailored Email Security Essentials Package for SMBs to Protect from Malicious Communications - Email is the most common attack vector for cybercriminals, in fact the overwhelming majority of malware-related security incidents are delivered via email. It's no surprise that email security is at the forefront of many business leader's minds. In ...
6 months ago Itsecurityguru.org
ACDS Unveils Tailored Email Security Essentials Package for SMBs to Protect from Malicious Communications - Email is the most common attack vector for cybercriminals, in fact the overwhelming majority of malware-related security incidents are delivered via email. It's no surprise that email security is at the forefront of many business leader's minds. In ...
6 months ago Itsecurityguru.org
"Quishing" you a Happy Holiday Season - QR Code phishing scams - What they are and how to avoid them. Originally invented to keep track of car parts in the early 90s, QR codes have been around for decades. Quishing, or QR Code phishing, exploits smartphone users scanning the 2D barcode, ...
6 months ago Netcraft.com
Security Boulevard - With the rising volume of fraudulent emails and AI-enhanced phishing scams, industry giants such as Google, Yahoo, and Microsoft have doubled their email security efforts. DMARC builds on two existing email authentication technologies: Sender Policy ...
5 months ago Securityboulevard.com
The Dangers of Phishing: Why It’s So Dangerous for Email Productivity - Email is one of the most powerful tools for staying productive in the digital age. It’s become one of our most used methods for communication and information sharing. But this power and usage can also be used for nefarious purposes by criminals who ...
1 year ago Zdnet.com
A Comprehensive Look at the Financial Firms in European Union and Their Rules on Cloud-Based Services - Today's technology has opened up a world of possibilities for financial firms, especially with cloud-based services. Financial institutions are now able to access a great deal of information over the internet in an efficient and timely manner. ...
1 year ago Tripwire.com
Vade Releases 2023 Phishers' Favorites Report - PRESS RELEASE. SAN FRANCISCO, Feb. 15, 2024 /PRNewswire/ - Vade, a global leader in threat detection and response with more than 1.4 billion mailboxes protected, today announced its annual Phishers' Favorites report for 2023. Phishers' Favorites ...
4 months ago Darkreading.com
Essential Email and Internet Safety Tips for College Students - Your email is one of the most important digital assets and identities because it helps you create accounts on other platforms. Securing your email requires you to pay attention to your passwords, gadgets, and the links you engage with. The places you ...
5 months ago Securityboulevard.com
QR Code 'Quishing' Attacks on Execs Surge, Evading Email Security - Email attacks relying on QR codes surged in the last quarter, with attackers specifically targeting corporate executives and managers, reinforcing recommendations that companies place additional digital protections around their business leadership. ...
4 months ago Darkreading.com
Secure email gateways struggle to keep pace with sophisticated phishing campaigns - In 2023, malicious email threats bypassing secure email gateways increased by more than 100%, according to Cofense. In just two years, Cofense identified over 1.5 million malicious emails bypassing their customers' SEGs, signaling a 37% increase in ...
4 months ago Helpnetsecurity.com
What is an email signature? - An email signature - or signature block or signature file - is the block of text that appears at the end of an email message that provides more information about the sender. This can include details such as the sender's full name, occupation or job ...
6 months ago Techtarget.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)