Unbeknownst to many, spear phishing campaigns are among the worst cyber attacks for the scale in which they impact operations of corporations and individuals alike.
While phishing can be deemed as an age-old attempt to obtain a target’s information through emulating legitimate correspondence, they are still among the most effective means through which attackers gain credentials of targeted users, in their millions.
The advent of spear phishing, or targeting phishing wherein attackers set out to research a target – either an individual or a company – before springing a trap has always been on a steady increase since its discovery. The chances of success are higher when an attacker or a malicious hacker does the necessary homework. Due diligence among criminals and cyber criminals result in successful crimes and it’s no different when the targets are corporations or businesses who often deal with other businesses. The successful cybercriminals are those who expertly claim to be a legitimate business entity, earning the trust of a target before striking.
A new survey conducted by Vanson Bourne has revealed that spear phishing was directly responsible for 38 percent of cyber-attacks targeting the respondents’ businesses. Staggeringly, 90% of polled respondents also revealed that their organization experienced a spear phishing attack, in 2015 alone.
George Riedel, CEO of Cloudmark who sponsored the survey said:
With the wealth of information about individuals and organizations now available online, cyber-criminals can easily craft targeted attacks to gain access to valuable personal and financial information. Spear phishing has emerged to become one of the largest threats facing enterprises today.
On a global scale among 88 respondents, the average financial cost of spear phishing attacks in 2015 was $1.6 million. For US businesses, the average cost is at a dizzying $1.8 million.
Related article: Why Spear Phishing is so Hard to Prevent
With these figures, IT professionals and corporate system administrators and security teams are understandably concerned about spear phishing attacks. Nearly two-thirds of decision makers in IT governance remark that spear phishing is a significant threat to their organization.
Detailing those numbers further, two-thirds of these decision makers admit that spear phishing is either their organization’s primary security concern (20 percent) or figures among their organization’s top three security concerns (42 percent of those polled).
Based on our conversations with customers, partners and enterprise IT decision makers, it is glaringly apparent that organizations across industries are struggling to combat spear phishing threats.
Alarmingly, nearly 50 percent of victims tend to click on the phishing email link after opening them, within an hour of receiving the email, a Data Breach report courtesy of Verizon revealed.
Image credit: PRWeb.