Cybercriminals have improved their bait to mount sophisticated attacks against targets of every size in every industry. An economic downturn, COVID-19 anxiety, and the new challenges of securing a remote workforce have opened up new waters for bad actors to trawl, and as these phishing facts show, their catch has been plentiful.
- More than 80% of all cyberattacks are phishing attacks.
- Phishing attacks have increased over 600% since the start of the COVID-19 pandemic.
- Almost 65% of organizations have experienced a phishing attack in the last year.
- A new phishing attack is attempted is made every 39 seconds.
- An estimated 90% of cyberattacks that result in data breaches begin with phishing emails.
- 94% of phishing emails use malicious file attachments as the payload or infection source.
- Google estimates it blocks 18 million COVID-19 scam emails a day from its 1.5 billion users.
- COVID-19 has become the biggest phishing topic in history.
- 75% of phishing targets are found through web searches or common email address formats.
- 65% of cybercriminals use phishing as their primary form of attack.
These 10 phishing facts illustrate how important it is to take steps now to mitigate today’s tidal wave of phishing attacks.
The single most effective way to stop phishing attacks is user training.
Quality training to teach users to spot and stop phishing attacks is the biggest boost that any company can add to its cybersecurity defenses. Remote workers are especially vulnerable to phishing threats. By training users to react correctly to the different tricks that bad actors use in phishing attempts and by keeping that training up to date, companies build the strongest possible defense against phishing – a well-trained staff.
Gulf South Technology Solution’s ongoing cybersecurity awareness training is the ideal choice for companies to train staffers to defend against phishing, especially remote workers, featuring more than 80 phishing training and testing kits and 50 security video campaigns to train your staff to defend against a variety of styles of phishing threat.