Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Saturday, 27 May, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

60 Percent of Enterprises were Victims of Social Engineering Attacks in 2016

by The Gurus
December 1, 2016
in Editor's News
Share on FacebookShare on Twitter

 Agari, a leading cybersecurity company, today released the results of a commissioned survey, Email Security: Social Engineering Report, conducted by Information Security Media Group (ISMG) on behalf of Agari, which examined the impact of social engineering on organizations across a range of industrial sectors in the U.S. The results revealed that 60 percent of surveyed security leaders say their organizations were or may have been victim of at least one targeted social engineering attack in the past year, and 65 percent of those who were attacked say that employees’ credentials were compromised as a result of the attacks. In addition, financial accounts were breached in 17 percent of attacks.
Social engineering attacks, which rely on human interaction and fraudulent behavior to trick people, are the fastest growing security threat for enterprises today. While traditional attacks leverage technology-based system vulnerabilities, such as software bugs and misconfigurations, social engineering attacks take advantage of human vulnerabilities by using deception to trick targeted victims into performing harmful actions. Examples of social engineering attacks, which are typically launched via email, include phishing, spear phishing and Business Email Compromise (BEC). According to the FBI, BEC scams have resulted in losses of $3.1 billion as of May 2016.
More than 200 respondents participated in the study, from the healthcare, government, financial services and education sectors. Thirty-two percent of these organizations employ 10,000 or more employees, and 42 percent have more than $1 billion in annual revenue. Highlights from the report include:

  • Attack Volumes & Types: 89 percent of respondents have seen either a steady pace or an increase in spear phishing and other targeted email attacks in the past year. Of these attacks, more than 69 percent are after user credentials to commit fraud against the organizations.
  • Trust & Defenses: 49 percent of respondents rate the effectiveness of the current controls they deploy to defend against social engineering attacks as average or below, with 20 percent admitting they didn’t know if their brands have been used in social engineering attacks on customers or partners.
  • Partner Vulnerability: More than one fifth of respondents have ‘no confidence’ in their business partners’ abilities to defend against social engineering attacks that could compromise the respondents’ organizations. 50 percent said they do not have a program in place to audit and encourage partners to authenticate email sent to their organizations, while 21% said they didn’t know if they had this type of program.

“Most enterprises think that if they train their employees to be aware of malicious emails, it will be enough. However, this is delusional as it’s impossible for anyone to consistently distinguish malicious, social engineering-based emails from legitimate emails,” said Dr. Markus Jakobsson, chief scientist for Agari. “Email-based attacks using social engineering are enabling cybercriminals to steal corporate secrets, carry out politically motivated attacks and steal massive amounts of money. We expect to see a catastrophic growth of these types of attacks in the future, fueled by both their profitability and the poor extent to which businesses are protecting themselves, unless these organizations begin taking the necessary technology-based countermeasures to prevent these attacks.”

FacebookTweetLinkedIn
ShareTweet
Previous Post

How AI can be used to defend against the growing IoT-based cyber threat

Next Post

Cyber-attacks on the backbone of today’s economies

Recent News

SnapDragon Monitoring scam advice

Tips to Protect Against Holiday and Airline Scams

May 25, 2023
Access Segmentation & Encryption Management from MyCena

New security model launched to eliminate 95% of cyber breaches

May 25, 2023
KnowBe4 Helps Organisations Battle QR Code Phishing Attacks With New Tool

KnowBe4 Helps Organisations Battle QR Code Phishing Attacks With New Tool

May 25, 2023
Purple Logo, capitalised letters: SALT.

Salt Security Uncovers API Security Flaws in Expo Framework, Issues have been Remediated

May 24, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information