Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    New Data Covers How the Retail Market is at Greater Risk of Industry-Specific Cyberthreats

    New Data Covers How the Retail Market is at Greater Risk of Industry-Specific CyberthreatsA new analysis of the retail market’s threat landscape discusses the challenges faced by this industry and what threat tactics are being used to take advantage of retail’s cyber weaknesses.

    Not every report needs to have stats on the state of how bad things are. In fact, it’s quite refreshing for a report to simply state what kinds of attacks are transpiring and what the reader can do to mitigate such threats.  And that’s exactly what you have in Trustwave’s Retail Threat Landscape report.

    Some of the more interesting pieces of information in the report relevant to us include:

    • 70% of phishing emails contain malicious HTML attachments
    • Trustwave identifies 4,000 to 10,000 malicious phishing URLs daily
    • Credential Access is involved in 30% of all attacks in the retail space
    • Remote Desktop Protocol (RDP) Accounts are the most prevalent types of initial access being sold targeting retail organizations. They comprise 34% of the type of access being sold in underground marketplaces

    Now, zooming back out to the larger value of this report, Trustwave does a great job highlighting the various attack methods and threat actors by walking the reader through each of the common phases of the attacks seen by Trustwave analysts. And for each, they do provide mitigations to help retail organizations reduce their risk. 

    One such recommendation to mitigate the threat of phishing is close to my heart: “Consistently conduct mock phishing tests to assess the effectiveness of anti-phishing training and retrain repeat offenders.”

    This means organizations should be a) having employees take security awareness training, b) should include simulated phishing testing as a feedback loop on the training’s effectiveness, and c) have those users that continually fail the testing retake the training to engrain the need to remain vigilant into their daily interaction with email and the web.

    KnowBe4 enables your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.

     

    Return To KnowBe4 Security Blog

    Topics: Phishing, Security Awareness Training, Cybercrime

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews