Did you know, 43% of breaches result from social engineering attacks? What's more, according to a recent Verizon investigation, phishing emails account for 98% of all social engineering related incidents and breaches.
Ransomware and phishing attacks have garnered a great deal of recent attention in the cybersecurity community. As the Verizon Databreach Report has long warned, ransomware is the most common type of malware carried by phishing attacks. It's used in 56% of such incidents.
Ransomware is very effective for criminals. It exposes them to relatively little risk. But even as ransomware surges in criminal use and popularity, there are signs that businesses and local governments aren't investing in appropriate security against it.
Social engineering schemes such as phishing and pretexting are responsible for an incredibly high percentage of breaches. The targets of choice are finance and human resource employees. When successful the attackers can collect ransom in the six-figure range. Training combined with common sense are essential in combating cyberattacks.
It only takes one person to click on a phishing email to put an entire organization at risk. The good news is that 78% of peopled know not to click. But let's try to help that remaining 22% and step them through new-school security awareness training.
Here is the full Verizon report, which by the way, KnowBe4 contributes to with phishing data:
https://www.verizonenterprise.com/resources/reports/rp_DBIR_2018_Report_en_xg.pdf