Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Survey: Awareness Training, Spam Filters Still Leave Users Exposed to Phishing

At the Black Hat conference last month, PhishMe, a company that teaches security awareness to help users identify Phishing and targeted attacks, spoke to 250 security professionals and asked them for basic information on how their organizations deals with, or is impacted by, Phishing attacks. As it turns out, it’s a common issue, and most of the basics steps are doing little to lessen the blow.

At the Black Hat conference last month, PhishMe, a company that teaches security awareness to help users identify Phishing and targeted attacks, spoke to 250 security professionals and asked them for basic information on how their organizations deals with, or is impacted by, Phishing attacks. As it turns out, it’s a common issue, and most of the basics steps are doing little to lessen the blow.

Nearly 70% of those who spoke to PhishMe said that they encounter Phishing messages that slip past anti-Spam filters at least a few times a week. Further, 25% of them said that they see them several times a day.

Spear Phishing has become a popular method of infecting enterprises with malware, according to PhishMe. The survey’s results said that more than one quarter (27%) of those who took part said that top executives or other privileged users had been compromised by Spear Phishing in the last 12 months. Another 31% said they weren’t sure if executives or privileged users had been attacked.

RelatedSecuring Against the APT – Integrating Security More Effectively Into the Enterprise

“Many enterprises believe that because they are using spam filtering tools or other email security technologies, they are safe from phishing attacks,” said Scott Greaux, Vice President of Product Management & Services at PhishMe.

“What we found in our survey is that despite such filters, end users are presented with live, malicious attacks in their inboxes nearly every day.”

Advertisement. Scroll to continue reading.

Additional details from the survey include the fact that awareness training is given yearly (or at least once a year) to 49% of the employees at the respondent’s organization, while 10% said that no awareness training is given.

“This survey demonstrates with great clarity that phishing attacks – particularly targeted attacks – are getting through to end users with alarming regularity, yet most organizations don’t train their users on what the most current attacks look like or how to react to them,” added Aaron Higbee, CTO and co-founder of PhishMe.

Related NewsPhishMe Lands $2.5 Million To Help Employees Recognize Evil Emails

Related NewsAdvanced Persistent Threats and The Pillage of America

Written By

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more.

Register

This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.

Register

People on the Move

BlueVoyant has appointed Ravi Subramanian as CFO and Jamie Coleman as CCO.

Solana Foundation has appointed Michael Coates as Chief Information Security Officer.

Michael Sikorski has joined Coinbase as Chief Information Security Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.