Of all attack vectors, phishing remains the most commonly exploited, and accounts for 90% to 95% of all successful cyberattacks worldwide.
According to the IRONSCALES 2017 Email Security Report, culled from an online survey of 500 cyber security professionals, employees are most often victims of spoofing and impersonation (67%), followed by branded (35%) and seasonal attacks (31%).
Malicious emails continue to easily bypass legacy spam filters, firewalls and gateways through increasingly sophisticated CEO fraud and brand spoofing campaigns. Further, due to human nature, even those actively engaged in an awareness training program, are easily lured into downloading an attachment or clicking on a malicious email link to inadvertently provide attackers with access to sensitive corporate networks and data.
Even when detected, nearly half of organizations (46%) reported that it takes a day or longer to remove phishing emails from endpoints once a phishing attack is reported to the security team—largely due to a lack of manpower. Accordingly, about three-quarters (72%) of security professionals said they believe automated inbox scanning and email forensics are the most valuable email security technology; and 93% of respondents agree that humans and technology need to work side-by-side in order to better detect and respond to sophisticated email phishing attacks.
On the flip side, almost a quarter (22%) said they could remove them within 30 minutes.
Eyal Benishti, founder and CEO of IRONSCALES, said: “With email phishing attacks proliferating in frequency and complexity, it’s positive to find that cyber security professionals are beginning to recognize human-machine collaboration as an essential component of their organizations’ phishing response and email security strategies.”
Source: Tara Seals – infosecurity-magazine.com