+1 (877) 634-6847
Customer Support Sign In
PhishingBox Logo
View Pricing Request Demo Sign In

Internet Security Threat Report (ISRT) - 2019

Aug 26, 2019

Back to Blog
The Symantec Internet Security Threat Report (ISRT) for 2019 is continues to provide valuable information for the security professional.  This annual security report provides key statistics that outline cybersecurity risks experienced by various organizations worldwide. 
Some of the key takeaways from this report include, but are not limited to, the following:
 
  • 65 percent of attacker groups used spear phishing as the primary infection vector. (pg. 49)
  • Phishing URLs were 1 in 170 of all URLs in 2018. (pg. 48)
  • 1 in 36 mobile devices has high-risk apps installed. (pg. 41)
  • The email phishing rate is the highest for organizations less than 250 employees at 1 in 2,696. (pg. 28)
  • The rate of employees target by phishing is highest at smaller organizations at 1 in 52. (pg. 28)
  • The malicious email rate, 1 in 323, is the highest at smaller organizations (pg. 25)
  • Scripts are the most common malicious file attachment at 47.5 percent. (pg. 27)
  • Office files account for 48 percent of malicious email attachments. (pg. 24)
The Symantec Internet Security Threat Report can be useful in identifying areas of risk that an organization should attempt to mitigate.  One of the most difficult to address are social tactics that relate to the employee side of security.  Read our Article on Social Tactics Continue to Pose a Serious Threat to Organizations to learn more.  PhishingBox provides tools and resources to mitigate cybersecurity risks related to employees, including our fully managed Socially Secured program.  
Phishing Platform Security Awareness Training

DoorDash Recent Hacks Highlight the Need for Security Awareness Training

Cyberattacks continue to make headlines, and the message is clear: human error remains at the heart of most data breaches. From high-profile incidents like DoorDash’s social engineering breach to findings in Verizon’s DBIR, attackers are increasingly exploiting trust, urgency, and simple mistakes rather than technical flaws. This article explores why security awareness training and phishing simulations are no longer optional, how they reduce real-world risk, and how platforms like PhishingBox help organizations turn employees into a strong, proactive human firewall.

Dec 22, 2025
Platform Security Awareness Training

October Is Cybersecurity Awareness Month 2025

October is Cybersecurity Awareness Month 2025—a reminder that protecting data starts with everyday actions. This year’s theme focuses on using strong passwords, turning on MFA, recognizing phishing, and updating software. Learn how PhishingBox helps organizations turn awareness into action through phishing simulations, training courses, and reinforcement emails. Download the 2025 Cybersecurity Awareness Month Guide to plan your campaign and strengthen your organization’s security culture.

Sep 17, 2025
Phishing Security Awareness Training

DBIR Trends Reveal the Human Side of Data Breaches

Verizon’s latest Data Breach Investigations Reports make one thing clear: the human element is the leading cause of data breaches year after year. Whether it’s a misclick, a misconfiguration, or a convincing phishing email, people—not just technology—are at the heart of most security incidents. This article explores three years of DBIR data, highlights the steady role of social engineering, and explains how organizations can reduce risk by investing in awareness, testing, and training, starting with their own workforce.

Aug 04, 2025