Since the 90s, phishing continues to evolve and continues to trick, especially those in communications, legal and customer service areas.  According to the Verizon 2015 Data Breach Investigations Report, 23% of recipients open phishing messages and 11% click on attachments to those messages.  Of more concern, 50% of recipients open e-mails and click on phishing links within the first hour of being sent
 
Because of the increased danger, the Verizon 2015 DBIR highlighted 3 things to help combat phishing:
 
          • Better e-mail filtering before messages arrive in user inboxes
          • Developing and executing an engaging and thorough security awareness
            program
          • Improved detection and response capabilities
 
By educating your people on phishing and social engineering you’ll train them to detect phishing attempts and to stop them from clicking on those links.
 
The 2015 DBIR reinforces the importance of making security a habit.
 
According to the Verizon 2015 Data Breach Investigations Report, the top 3 industries affected by security incidents are public, information and financial services.
 
The top most-breached industries in descending order are:
  1. Public
  2. Financial services
  3. Manufacturing
  4. Accommodation
  5. Retail
 
Manufacturing is in the top 3 for breaches because it is the industry most-targeted for cyber espionage.  In 2 of the top 5 breaches, small organizations appear to be breached far more than larger ones.  In retail, the researchers found more than 4 times as many breaches of small organizations.  In accommodations, they found 18 times as many breaches.

For 2 years, more than 66% of incidents that comprise the Cyber-espionage pattern have featured phishing

Findings from the “Verizon 2015 Data Breach Investigations Report” include the following:

  • As much as 70% of cyberattacks use a combination of phishing and hacking techniques.
  • The top 3 industries affected by data breaches are Public, Information & Financial Services Phishing has been on the rise since 2011.
  • Phishing campaigns have evolved in recent years to incorporate installation of malware as the second stage of the attack.
  • 23% of recipients now open phishing messages and 11% click on attachments.
  • For 2 years, more than two-thirds of incidents that comprise the Cyber-Espionage pattern have featured phishing.
  • Nearly 50% open e-mails and click on phishing links within the first hour.
  • The reality is that you don’t have time on your side when it comes to detecting and reacting to phishing events.
Click here for the full Verizon 2015 Data Breach Investigations Report