Phishing Attacks Against State and Local Governments Are Surging

Stu Sjouwerman | Jul 11, 2024

Researchers at Abnormal Security have observed a 360% increase in phishing attacks against state and local government entities over the past year.

The researchers write, “While phishing tends to consistently increase each year and regularly accounts for the majority of advanced threats, this level of growth is extraordinary.”

Threat actors often use phishing to gain a foothold within an organization before launching follow-on attacks.

“Typically, phishing is just the first phase in various criminal schemes, functioning more as a means to secure initial access rather than the primary objective,” the researchers write. “A successful credential phishing attack allows threat actors to obtain usernames and passwords that they can use to compromise additional accounts and initiate more costly campaigns. Phishing emails can also be a mechanism for deploying malware, which enables attackers to disrupt operations, execute espionage, or steal or ransom data. Governments in particular are often seen as high-value targets for ransomware due to their critical operations and potential willingness to pay ransoms to restore services quickly.”

Abnormal Security also found that business email compromise (BEC) attacks in the public sector have risen by 70% over the past year. These attacks often bypass technical security measures because they rely solely on social engineering rather than trying to deliver a malicious link or file.

“A successful BEC attack requires a bad actor to convince the target that 1) they are the person they claim to be and 2) their request is legitimate,” the researchers explain. “Since government entities often have mandated transparency and disclosure requirements, details about their operations, staff, and procedures are publicly available. Cybercriminals can exploit this information to craft more targeted and convincing malicious emails that are more likely to deceive targets into fulfilling fraudulent requests.”

KnowBe4 empowers your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.

Abnormal Security has the story.
