The report “Phishing Insights 2021” from Sophos was just launched. In order to compile the report, 5,400 IT decision-makers from 30 countries were polled about their phishing experiences in 2020. According to the findings, the vast majority of businesses faced increased phishing attacks via email in 2020.
Sophos develops communication endpoint, encryption, and email security solutions. It also offers data security in the cloud, network security, mobile security, and unified threat management. Sophos’ products include the Intercept X Endpoint, XG Firewall, and Managed Threat Response.
As per the Phishing Insights 2021 report, phishing emails have increased in 70% of enterprises. When split down by industry, the most targeted entities were central government organizations with 77% followed by business and professional services with 76% and healthcare with 73%. According to the report, 76% of the 500 organisations polled in the United States reported an increase in phishing.
Surprisingly, IT decision-makers disagreed on what constitutes a phishing attack; while the majority reported that phishing attack emails resembles emails from legit businesses, others classified it as any email that contains a malicious link.
Chester Wisniewski, Principal Research Scientist at Sophos, gave a statement with the report. “The temptation for organizations can be to see phishing attacks as a relatively low-level threat, but that underestimates their power. Phishing is often the first step in a complex, multi-stage attack. According to Sophos Rapid Response, attackers frequently use phishing emails to trick users into installing malware or sharing credentials that provide access to the corporate network. The team has seen first-hand how a seemingly innocuous email can ultimately lead to a multi-million-dollar ransomware attack. Cryptojacking, data — and even financial — theft are all potential outcomes after a phishing attack has opened a door for adversaries.”