New analysis of attacks on financial services shows that the combination of phishing emails and compromised credentials is a recurring — and financially impactful — threat.
According to IBM, financial services is the second most expensive sector with an average cost of a data breach at $6.1 million.
And it appears that email-based attacks are a material source of data breaches, ransomware, business email compromise and more for the financial services sector — this, according to Trustwave’s 2024 Risk Radar Report: Financial Services Sector. In this report, we find these interesting details about attacks and their outcomes:
- 49% of attacks originated from phishing
- 37% of phishing emails used HTML attachments
- phishing and stolen credential attacks were the most frequent attack types
- Phishing and business email compromise were tied as the second most expensive initial attack vectors in data breaches, with the average cost at $4.9 million
To counter these attacks, TrustWave recommend the following mitigations:
- Email filtering solutions to block based on content, sender, and reputation
- A layered email security solution to detect anomalous (read: potentially malicious) email
- Security awareness training and phishing testing to keep users vigilant
KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.
How BreachSim works:
