When anti-phishing security company PhishMe tested about 1,000 of its customers worldwide by sending them more than 40 million simulated phishing emails over the course of 18 months, it concluded that phishing causes the vast majority of cyberattacks — an estimated 91% of them. It also found the most effective phishing emails come from Locky ransomware, most likely because they look like personalized invoices and lack the grammar and spelling mistakes common among other malware.
But there’s hope. PhishMe also discovered that people’s susceptibility to phishing email dropped by almost 20% after just one warning that they’d failed a simulation. And that matters, because the survey claims that when employees actively report phishing email threats, companies need just 1.2 hours on average to detect a breach, a significant decrease from the industry average of 146 days.
The moral? Training employees to recognize the signs of a phishing expedition works — and works fast. Call us for help teaching your employees how to keep your company off the hook.