Anti-Spam Tools Fall Short as Enterprises Hit Hard by Phishing Attacks

Enterprise users receive unfiltered phishing messages nearly every day of the week, and most of them are not properly trained to recognize or safely react to them, according to new survey data released today by PhishMe.

More than two thirds (69 percent) of security professionals say they encounter phishing messages that get past anti-spam filters and reach users’ email boxes at least a few times a week, according to a survey of attendees conducted by PhishMe at the Black Hat USA conference in Las Vegas two weeks ago. Almost a quarter of the respondents said they see such messages in users’ mailboxes multiple times every day.
 
“Phishing” is an online attack in which the attacker sends a fraudulent message that appears to be helpful or innocuous, but actually contains malicious code or leads the user to a malicious website. These attacks are sometimes targeted at specific individuals or groups of users within an organization, an attack known as spear phishing.
 
Spear phishing has become a popular method of infecting enterprises with malware, according to PhishMe. In the survey, more than one quarter (27 percent) of security professionals said that top executives or other privileged users in their enterprises have been compromised by spear phishing attacks within the last 12 months. Another 31% of security pros said they weren’t sure whether their executives or privileged users had been hit with such attacks.
 
“Many enterprises believe that because they are using spam filtering tools or other email security technologies, they are safe from phishing attacks,” said Scott Greaux, Vice President of Product Management & Services at PhishMe, which offers a service that simulates phishing attacks to help train users on how to react to them. “What we found in our survey is that despite such filters, end users are presented with live, malicious attacks in their inboxes nearly every day.”
 
With so many unfiltered phishing messages getting through, it is up to the end user to decide how to react – whether to open the message, click on a link, or delete the message before it can do any damage. But PhishMe’s survey of Black Hat attendees indicates that most end users receive only a bare minimum of security awareness training. Nearly half (49 percent) of the respondents said their users receive training only once a year; nearly one tenth (9 percent) said their organizations have no security training programs at all.
 
Among organizations that do provide security training programs, many rely heavily on scripted, delayed forms of instruction that do not provide metrics to program managers and administrators, the survey said. In fact, three of the top four training methods listed by Black Hat attendees – recorded video/computer-based training (39.4 percent), paper tests/quizzes (32.9 percent), and handbooks/printed guides (28.5 percent) – are largely unsuccessful. Only 16 percent of security professionals train their users via simulated attacks (multiple responses were allowed).
 
“This survey demonstrates with great clarity that phishing attacks – particularly targeted attacks – are getting through to end users with alarming regularity, yet most organizations don’t train their users on what the most current attacks look like or how to react to them,” said Aaron Higbee, CTO and co-founder of PhishMe. “If enterprises are going to protect themselves, they need a realistic, regular training regimen that helps users make the right decisions when they see a potential phishing attack – passive security awareness that doesn't focus on tracking behavior modification is ineffective.”
 

Featured

  • Making the Grade with Locks and Door Hardware

    Managing and maintaining locks and door hardware across a school district or university campus is a big responsibility. A building’s security needs to change over time as occupancy and use demands evolve, which can make it even more challenging. Knowing the basics of common door hardware, including locks, panic devices and door closers, can make a difference in daily operations and emergency situations. Read Now

  • Choosing the Right Solution

    Today, there is a strong shift from on-prem installations to cloud or hybrid-cloud deployments. As reported in the 2024 Genetec State of Physical Security report, 66% of end users said they will move to managing or storing more physical security in the cloud over the next two years. Read Now

  • New Report Reveals Top Security Risks for U.S. Retail Chains

    Interface Systems, a provider of security, actionable insights, and purpose-built networks for multi-location businesses, has released its 2024 State of Remote Video Monitoring in Retail Chains report. The detailed study analyzed over 2 million monitoring requests across 4,156 retail locations in the United States from September 2023 to August 2024. Read Now

  • Gaining a Competitive Edge

    Ask most companies about their future technology plans and the answers will most likely include AI. Then ask how they plan to deploy it, and that is where the responses may start to vary. Every company has unique surveillance requirements that are based on market focus, scale, scope, risk tolerance, geographic area and, of course, budget. Those factors all play a role in deciding how to configure a surveillance system, and how to effectively implement technologies like AI. Read Now

Featured Cybersecurity

Webinars

New Products

  • Camden CV-7600 High Security Card Readers

    Camden CV-7600 High Security Card Readers

    Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure. 3

  • Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

    Connect ONE®

    Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation. 3

  • A8V MIND

    A8V MIND

    Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area. 3