Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    Half Of Your Users Are Now Spear Phishing Targets

    spear_phishing_lIn a presentation at the Intelligence & National Security Summit, Bill Evanina, Director of the National Counterintelligence and Security Center (NCSC) announced "There have been just over 500 breaches so far this year, some of which made the news, and 47 percent of adult Americans have been the victim of a breach in the last three years."

    He is right, in 2015 U.S. organizations are seeing a significant spike in hacking incidents, more than the previous two years combined. Over 122 million records were breached just from hacking alone, meaning not counting all of the other incidents leading to sensitive information being exposed. That stolen data is an opportunity for criminals who now have enough personal information on half of your users to create very convincing spear phishing attacks, using Big Data technologies to merge and append stolen information into highly detailed profiles of your employees.

    They have access to credit card data, health care info, social security numbers, DMV records, purchase records, social media preferences, and more. This information is now being used to create automated spear phishing attacks on a massive scale by two different types of bad guys: Eastern European cyber mafias and Chinese state-sponsored hackers, also known as Advanced Persistent Threats.

    Somewhat oversimplified, the Russions are after your money and the Chinese are trying to spy on you and steal your intellectual property, but both groups often use the same illegally obtained data to get to their goals. Either way, the fact that half your employees is now a spear phishing target should give you pauze and illustrate the need for defense-in-depth which starts with  effective security awareness training

    Your end-users are the weak link in your network security. Now, more than ever, your employees are exposed to advanced phishing attacks. Trend Micro reported that 91% of successful data breaches started with a spear-phishing attack.

    A survey over IT pros showed that “end-users” wound up at the #2 spot of “System Admin Hate Votes” right after “no documentation”. And indeed untrained end-users generate tons of support tickets. Here is a whitepaper that explains the problem of spear-phishing and how Advanced Persistent Threats use this attack vector against organizations with devastating consequences. Download here:

    https://info.knowbe4.com/ultimate-spearfishing-defense-whitepaper

     

    Related Pages: Spear Phishing

     

    Return To KnowBe4 Security Blog

    Topics: Spear Phishing, Data Breach

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews