With 82% of organizations facing an attempted email-based security threat in the past year, the impacts of these attacks are material and potentially harmful to the organization.
We’ve long been preaching about the prevalence of phishing and email-borne attacks. The latest data from the 2019 Email Security Trends Report from email security vendor Barracuda shows what the current state of email attacks looks like.
According to the report, successful email-based attacks are negatively impactful to the business:
- 48% experienced a loss in employee productivity
- 36% experienced business downtime and disruption
- 20% incurred recovery costs
- 16% experienced a loss of sensitive confidential or critical data
To boot, 28% of organizations say these attacks hurt the reputation of the IT team.
So, surely these organizations didn’t have proper security in place, right? Wrong. They were armed to the teeth – just like your organization:
- 88% have virus/malware filters
- 85% have spam filters
- 68% have email authentication
- 57% have URL protection
- And the list goes on…
But the problem isn’t the tech – it’s the user. According to the report, three-quarters of organizations say employees aren’t good at spotting suspicious emails. With 43% of organizations being a victim of a spear phishing attack in the past 12 months, it’s imperative that these employees undergo continual Security Awareness Training mixed with Phishing Testing. It’s the combination of these two services that provide organizations with both a means to educate employees on how to avoid email-based attacks and test employees to make sure they’re becoming more secure in their practices.
From the looks of this report, we’ll continue to see email-based phishing attacks for the foreseeable future. Employees are the part of your security stance that need more attention.
Will your users respond to phishing emails?
KnowBe4's new Phishing Reply Test (PRT) is a complimentary IT security tool that makes it easy for you to check to see if key users in your organization will reply to a highly targeted phishing attack without clicking on a link. PRT will give you quick insights into how many users will take the bait so you can take action to train your users and better protect your organization from these fraudulent attacks!
Here's how it works:
- Immediately start your test with your choice of three phishing email reply scenarios
- Spoof a Sender’s name and email address your users know and trust
- Phishes for user replies and returns the results to you within minutes
- Get a PDF emailed to you within 24 hours with the percentage of users that replied
PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser: