Security Awareness Training Blog

    Vishing Attacks Increase 550% Over Last Year as the Financial Sector Continues to be a Primary Target

    Vishing Attacks Increase 550% Over Last YearCybercriminals are continuing to bypass the use of malware in favor of response-based and credential-centric social engineering attacks, according to new data from Agari and PhishLabs.

    Malware-based attacks certainly are not dead, as threat actors need to gain control over endpoints, and ransomware continues to thrive. But new data from PhishLabs’ Quarterly Threat Trends & Intelligence Report shows that cybercriminals are favoring attacks that are less likely to be detected by security solutions – the greatest, of which, is vishing.

    According to the report, hybrid vishing now leads over business email compromise (BEC) as the second most reported response-based threat, with one in four reported response-based attacks being a vishing attack.

    Response-based threat – those attacks that rely on social engineering and requiring the interaction of a corporate user – represented 37.5% of email-based threats as well, with credential theft used in nearly 59% of attacks, and malware delivery only occurring in less than 4% of attacks.

    This breakdown demonstrates the power and effectiveness of the use of social engineering tactics and the longer-term play by threat actors to gradually gain the access needed to compromise networks and breach data.

    It also makes the case for the need for Security Awareness Training to counteract such tactics – whether the medium is email, web, voice, or text. If users are not fully-prepared for social engineering attacks, the trends outlined by the PhishLabs report indicate that cybercriminals will continue to win the battle, seeing more successful attacks via social engineering.

     

    Return To KnowBe4 Security Blog

    Request A Demo: Security Awareness Training

    products-KB4SAT6-2-1New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn't a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your one-on-one demo of KnowBe4's security awareness training and simulated phishing platform and see how easy it can be!

    Request a Demo!

    PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

    https://www.knowbe4.com/kmsat-security-awareness-training-demo

    Topics: Social Engineering, vishing

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe To Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews