31st May, 2021 3 Min read
Book a Demo
Phishing continues to be a major attack vector, and it’s surprising just how many security incidents and breaches start with an employee clicking on a link in a carefully crafted phishing email (and sometimes doing the same with a not-so-well crafted phishing email — see this example).
There’s still a general perception that phishing attacks are more of a risk to consumers than businesses. To an extent that’s true — enterprises deploy security tools to block phishing attacks and now most employees receive ongoing phishing-awareness training. Consumers, on the other hand, may rely on their ISP for protection and are more susceptible to scams (no, the government does not want to give you a tax refund).
But there’s been a major change. According to research published by Akamai, there was a rapid increase in enterprise traffic related to remote working in 2020 — that’s not terribly surprising. What is likely more surprising is that the research also showed a dramatic increase in the consumption of services such as streaming, gaming, and social media from enterprises remotely connected devices.
This can be explained by changes in the way our personal and professional lives have blurred, and that many users are now using the same device for work and play. This means that phishing attacks targeted at consumers or businesses now carry equal risk for an enterprise. In other words, it doesn’t matter if an employee’s laptop is compromised as a result of a phishing attack designed to steal their personal bank account details or their employee credentials — the end result is a compromised device that is connecting to the enterprise’s network.
Let’s now take a look at what Akamai observed in the phishing landscape last holiday season.
Based on Akamai platform traffic, we can see that the number of phishing attack victims increased dramatically from the second half of October to the end of November. During that six-week period, there was an increase of nearly 150% in phishing victims. We attribute that increase to the following reasons: the state of mind of internet users and the motivation for cybercriminals to launch more attacks.
Users are more vulnerable to phishing attacks over that six-week period as the holiday shopping season leads to higher levels of engagement with scams, specifically those that offer deals and coupons — we all want a bargain. Because victims are potentially more susceptible to scams, the holiday season leads cybercriminals to execute a variety of nefarious activities and launch all kinds of phishing campaigns as their potential success rates will improve the more they try.
A look at the leading targeted industries by growth in the number of victims shows that media, e-commerce, and financial services showed significant increases over the same time frame. However, much more noticeable are phishing attacks targeted at financial services with an increase of more than 700% in victims compared with the previous weeks. The increase in financial scams can be explained by cybercriminals’ efforts to maximize their campaign activity over the holiday season as victims are more engaged and as compromised financial credentials are highly valuable.
There are a number of things enterprises can do to improve their defenses against phishing attacks.
Contact us to start your Zero Trust journey today, and finish it quicker than you imagine.
Originally published by Akamai Technologies
Today’s CISOs face a daunting array of security threats. From ransomware and cloud misconfigurations to zero-day exploits and code vulnerabilities, the stakes have never been higher. Join our cloud security expert engineers for an enlightening webinar that delves deep into the state of cloud security in 2023. Learn about the best tools and practices that […]
Welcome to our Solution Brief on Zero Trust, the future of cybersecurity. Our expert team at GlobalDots has prepared this to help you understand the key components of Zero Trust, and its role in securing modern business applications and data. Our Zero Trust solution covers all the critical components of ZTNA, including VPN replacement and […]
We were recently approached by the press to provide some policy guidelines for companies adopting the hybrid or 100%-remote model. Truth be told, GlobalDots’ legacy of remote work dates back to the surge of Skype. Yes, we’ve been working remotely for quite a while, so for us, the Pandemic didn’t change much. It is this […]
New normal, new challenges One of the outcomes of COVID-19 has been our newfound openness to remote work. According to a recent PwC survey, 41% of workers would now prefer their workdays to be fully remote, compared with 29% in January 2021, signaling the desire to work remotely is only ramping up. For cybersecurity teams, this new reality brings […]
Schedule a call with our experts. Discover new technology and get recommendations to improve your performance.