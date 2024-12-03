HR and IT are among top-clicked phishing subjects

No Comments

A new report reveals that HR and IT-related phishing emails claim a significant 48.6 percent share of top-clicked phishing types globally.

The research from KnowBe4 also shows that among large companies -- 1,000+ employees -- the most targeted industries are healthcare and pharmaceuticals with a Phish-Prone Percentage (PPP) of 51.4 percent, insurance on 48.8 percent and energy and utilities on 47.8 percent.

Medium businesses see hospitality move into the top spot with a PPP of 39.7 percent, healthcare and pharmaceuticals on 38.8 percent and the consulting industry in the top three for the first time with a PPP of 36.2 percent.

Smaller firms with under 250 staff again have healthcare and pharma at the number one spot, with a PPP of 34.7 percent. Education is second on 32.4 percent, slightly more than one point more lower than the previous year, with hospitality third on a PPP of 31.2 percent.

Email-embedded phishing links continue to be the attack vector of choice. These malicious links, PDF attachments and spoofed domains, when interacted with, often result in disastrous cyberattacks, including ransomware attacks and business email compromise. The report also reveals a surge in phishing campaigns using QR codes. Popular QR code phishing subjects include HR reminders for policy reviews, DocuSign emails to sign an urgent document, and Zoom meeting invitations.

"Our latest phishing report underscores the evolving sophistication of phishing tactics, with cybercriminals increasingly exploiting the trust employees place in internal communications," says Stu Sjouwerman, CEO of KnowBe4. "The prevalence of HR and IT-themed phishing attempts, coupled with emerging techniques like QR code integration, presents a complex threat landscape. These tactics are particularly deceptive as they leverage the perceived legitimacy of trusted sources, often prompting hasty actions before verification. In this rapidly changing environment, a well-trained workforce and a robust security culture are not just beneficial -- they are essential. By prioritizing human risk management, organizations can effectively build a formidable defence against avoidable cyberthreats."

You can get the full report from the KnowBe4 site.

Image credit: 8vfand/Dreamstime.com

No Comments
Got News? Contact Us

Recent Headlines

Is EasyOS Scarthgap 6.5 the perfect alternative to Windows 11 and mainstream Linux?

Cyberwarfare 2025: The rise of AI weapons, zero-days, and state-sponsored chaos

Today is the day! Say goodbye to Microsoft Windows 11 -- Nitrux Linux 3.8.0 is the OS you've been waiting for

HR and IT are among top-clicked phishing subjects

MSI Claw 8 AI+ and Claw 7 AI+ handhelds offer Windows 11 Copilot+ capabilities and powerful gaming performance

Two-thirds of office workers bypass security protocols

How to address cloud-native security risks in 2025

Most Commented Stories

Windows 12 is everything Windows 11 should be -- and the Microsoft OS we deserve!

36 Comments

Forget bloated Windows 11, Windows 12 Lite is the Microsoft operating system we need!

29 Comments

What happens to Linux when Linus Torvalds dies?

25 Comments

Bluesky thinking -- why left-wingers are leaving X and why X will get over it

21 Comments

The Guardian’s exit from Elon Musk’s X shows a lack of journalistic courage

13 Comments

Waiting for Microsoft Windows 12 is a mistake when you can upgrade to Linux today

11 Comments

Tech leaders congratulate Donald Trump on 2024 election victory

8 Comments

Satechi unveils Mac mini M4 Stand and Hub with SSD Enclosure

6 Comments

© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.