Phishing continues to be a widespread cybersecurity problem for every organization and business. It continues to be one of the most commonly used tools to enter a network, deploy ransomware, and gain additional access. It is a technique that is low effort which unfortunately, yields successful phishing attempts for cyber criminals.
In 2022, Verizon found that 82% of data breaches involved a human element consisting of phishing and the use of stolen credentials. The FBI’s Internet Crime Complaint Center (IC3) found that victims of phishing, vhishing, SmiShing, and pharming were up 32% in 2022, with 323,927 victims, from the previous year.
While the attacks are getting more sophisticated for users and workers to recognize, they’re not getting any more difficult for cyber criminals to put together. More brands that users interact with on an everyday basis are easier to imitate, and so is information about where people work and whom they work with. The use of artificial intelligence has also made it easier for these cyber actors to trick workers with access to sensitive information into clicking on a link or sending money.
Phishing awareness and prevention is an important topic and type of training that requires constant updates and attention as new information, techniques and past attacks come to light.