Cisco research on targeted phishing attacks explains why email remains the primary attack vector for cyber criminals.
The research from Cisco points out, cybercriminal business models have shifted toward low-volume targeted attacks. The report, Email Attacks – This Time Its Personal, documents that email remains the primary attack vector, the annualized cybercrime business activity caused by mass, indiscriminate email attacks has declined by more than half. However, the business activity caused by highly-personalized targeted attacks is growing rapidly. The study examines attack trends and explores the impact of these campaigns. The findings in this study were based on research Cisco conducted with organizations worldwide across a broad range of industries. Some of the finding include, but are not limited to the following:
The economics of a spearphishing attack can be more compelling than for a mass attack. Spearphishing attack campaigns are limited in volume but offer higher user open and click-through rates. With these constraints, cybercriminals are increasingly focusing on business users with access to corporate banking accounts, to make sure they’re seeing sufficient return per infection.
As the research points out, the volume of mass attacks has declined, but the the ability of cybercriminal to use targeted phishing campaigns has increased. Organizations have to bear the burden of not only the monetary loss but also the cost of remediation of infected hosts and the negative impact on their brand reputation. Business cannot ignore the risk from this threat vector.
Running simulated phishing tests will determine your employees' susceptibility to social engineering and phishing scams. Train your employees and help them identify spear phishing and ransomware attacks.