Phishing attacks target UK SMBs
According to a new study 43 percent of UK SMBs have suffered phishing attacks involving attempts to impersonate staff in the last year.
More concerning is that of those attacks 66 percent were successful in compromising data. The study from security and data anlaytics company CybSafe also finds only 47 percent of those surveyed say they have already got a cyber security training and awareness program in place.
"Phishing is currently the dominant attack vector for entry into networks, and its popularity isn’t hard to understand," says Oz Alashe, CEO of CybSafe. "It's easy to carry out, easy to profit from, and from the perspective of cyber security professionals, it's notoriously difficult to defend against. Just one individual falling victim can be enough to give criminals the foothold required to access confidential information."
Respondents see email phishing as posing a much greater threat than phone phishing. Compared to nine other potential threats, email phishing was perceived to be the second most pressing threat (37 percent). By contrast, phone phishing was believed to be the least (8.8 percent) urgent threat to business.
Alashe adds, "Our latest research shows that, despite the severity of this threat, UK businesses are taking very little action at the moment. Of those that are doing something, many are simply paying lip-service to security training for compliance reasons, and aren’t demonstrably reducing their human cyber risk."
You can find out more about using simulations to protect against phishing attacks on the CybSafe site.