Getting Out Of The Phish Net: How To Turn People Into Your Greatest Asset

At PhishCloud we believe that people are vital in helping prevent phishing. These are some of the reasons why we have a different approach.

Getting Out Of The Phish Net

Try PhishCloud today and see the difference

  • Free 14-day trial
  • No credit card needed
  • Easy setup

Share this infographic, please

Share on facebook
Facebook
Share on twitter
Twitter
Share on linkedin
LinkedIn

Embedded
<div align="center">
<a href="https://www.phishcloud.com/getting-out-of-the-phish-net/">
<img src="https://www.phishcloud.com/wp-content/uploads/2020/04/phishcloud-getting-out-of-the-phish-net.jpg" width="500" alt="Getting Out of the Phish Net" border="0" /></a>
<br /><a href="https://www.phishcloud.com/getting-out-of-the-phish-net/">Getting Out of the Phish Net</a>
</div>

In 2018 alone, 83% of people received phishing emails

  • 64% of businesses experience phishing attacks

Why It’s Tough To Spot A Fake

49% of hackers prefer to exploit human nature, not tech

  • Social engineering attacks are on the rise — more than doubling from 2013-2018
  • Why isn’t looking out for red flags enough?
  • 384 billion emails are sent everyday ー 85% are spam
  • In 2018, 8 in 10 people experienced a phishing attack
  • Many Employees Are Left In The Dark
  • 2 in 3 consumers have received phishing emails
  • 1 in 3 have been compromised
  • had a computer infected with a virus or malware
  • been notified their account was compromised
  • had a social media or email account hacked
  • Phishing victims experienced
  • Compromised accounts: 65%
  • Malware infections: 49%
  • Loss of data: 24%
  • Businesses lose nearly $2 million per incident, but that’s not all
  • Decreased productivity: 67%
  • Data loss: 54%
  • Reputation damage: 50%

1 in 3 consumers will stop using a business after a security breach

Social Engineering 101

  • 72% of employees report that protecting themselves from email attacks has become more difficult since 2016
  • The Psychology of Phishing | What do we fall for?
  • Toll Violation Notification | Why? Creates a sense of urgency
  • Invoice Payment Required | Why? Mimics realistic personalized messages
  • Updated Building Evacuation Plan | Why? Preys upon fear with need-to-know info
  • BUT phishing attacks can even come unseen
  • Formjacking
  • When website forms are hacked to collect private user information
  • Typically used to steal credit card and payment details from checkout pages
  • Formjacking represents a serious threat for both businesses and consumers” Greg Clark, CEO of Symantec
  • Ransomware
  • When hackers lock a device and demand ransom to release data
  • Large businesses, government agencies, law firms, and banks are among the main targets | Why? For their secure information and access to large funds
  • 77% of successful social engineering attacks start with a phishing email — How can you protect your business?
  • Cybersecurity That Works: Why You Need People, Not Just Tech
  • Annual Training Is Not Enough
  • 95% of infosec professionals train employees to identify phishing attacks
  • Despite annual training, 35% of employees don’t know what “phishing” means
  • 1 in 10 have clicked a link in a phishing email
  • Current Phishing Solutions Alone Aren’t Scalable
  • Common Practice: Have employees forward suspicious emails to IT
  • The Problem: Of all emails flagged by employees, just 15% are actually malicious — and many malicious emails fall through the cracks
  • People learn better through practice & reinforcement
  • Over half of infosecurity professionals believe training has reduced phishing susceptibility
  • 76% of professional phishing victims receive additional counseling from a manager rather than negative consequences
  • 74% of hackers say they’re rarely impressed by an organization’s security measures]
  • The Key To Security Is People
  • Training employees to spot phishing attacks
  • Give them feedback on their effectiveness
  • Get everyone involved in protecting the company
  • In 2018, 93% of security breaches involved phishing* scams

The Internet is full of dark alleys — Teach your employees to shine a light in the dark

Sources:

https://www.cisco.com/c/dam/m/digital/elq-cmcglobal/witb/1872724/ESG-Solution-Showcase-Cisco-Email-Oct-2018.pdf?oid=anrsc013962

https://cofense.com/wp-content/uploads/2017/11/Enterprise-Phishing-Resiliency-and-Defense-Report-2017.pdf

https://www2.deloitte.com/content/dam/Deloitte/uk/Documents/consumer-business/deloitte-uk-consumer-review-nov-2015.pdf

https://us.norton.com/internetsecurity-emerging-threats-what-is-formjacking.html

https://fortune.com/2017/04/27/facebook-google-rimasauskas/

https://www.paypal.com/us/brc/article/what-is-phishing-or-spoofing

https://info.wombatsecurity.com/hubfs/Wombat_Proofpoint_2019%20State%20of%20the%20Phish%20Report_Final.pdf

https://www.nuix.com/black-report/black-report-2018

https://www.symantec.com/security-center/threat-report

https://www.tripwire.com/state-of-security/security-awareness/6-common-phishing-attacks-and-how-to-protect-against-them/

https://www.infosecurity-magazine.com/news/mps-bombarded-spam-brexit-no-deal/

https://www.talosintelligence.com/reputation_center/email_rep

https://www.phishingbox.com/assets/files/images/Check-Point-Research-Information-Security-Report-2018.pdf

https://enterprise.verizon.com/resources/reports/2019-data-breach-investigations-report.pdf

https://us.norton.com/internetsecurity-malware-ransomware-5-dos-and-donts.html