Studies conducted by Intel Security discovered that up to 94% of users were unable to tell the difference between genuine emails and a phishing attempt.
The study contained another shocking finding; 96% of executives fell for the phishing email, 2% higher than the rate for normal users
High volume of attacks
Email phishing is the preferred method for breaching a business’s defences, as preventing what appears to be a genuine email is difficult using current technology. The sheer volume of these attacks is remarkable. Over 150,000 new phishing Domains were found towards the end of Q4 2014.
It only requires a single employee to fall for a phishing email to impact your entire organisation. That’s why it’s vital to be aware of the dangers of phishing attempts. Below are three things you can do to counteract these threats.
Staff eduction is key defence
Educating employees about email threats and the motivations behind them is one of the best methods you can use to reduce your company’s vulnerability. It’s important to update staff knowledge over time as the attackers will adapt to maintain their chances of success.
Attackers know that getting emails through your outer perimeter and into your users’ inboxes is the only way they will be successful. Reviewing email distribution lists and preventing outsiders from sending emails to internal groups with common addresses is a simple way of closing gaps that can be exploited by phishers.
Even with the best technology and most prudent safeguards in place, the rapid evolution of phishing techniques makes it nearly impossible to protect your company from these threats 100% of the time.