At The Identity Organisation, we're here to help!

    Or drop us a mail!

    Your privacy is important to us, and we want to communicate with you in a way which has your consent and which is in line with UK Law on data protection. As a result of a change in UK law on 25th May 2018, by providing us with your personal details you consent to us processing your data in line with current GDPR requirements.

    Here is where you can review our Privacy & GDPR Statement

    To remove consent at any time, please e-mail info@tidorg.com with the word "unsubscribe" as the subject.

    +44 (0) 1628 308038 info@tidorg.com

    Comcast: 9 out of 10 Attempts to Breach Customer Networks Start with a Phish

    The latest data from Comcast Business’ analysis of over 23.5 billion cyber attacks on their business customers shows the importance and role of phishing in attacks.

    Over the years there has been a consistent mantra, where everyone agrees that “90-something” percent of cyber attacks start with phishing. There have been plenty of sources that corroborate this using percentages in the 90th percentile, but the overall message is phishing is your greatest Initial Access tactic.

    The latest data in the 2023 Comcast Business Cybersecurity Threat Report continues to agree with the phishing sentiment, stating that 89.46% of cyber attacks on their customers begin with a phishing attack.

    2023 Comcast Business Cybersecurity Threat Report

    As the report states, “It’s popular because it works.”

    Of the 23.5 billion attacks, Comcast identified nearly 2 billion phishing attacks designed to gain initial access through harvesting credentials. In addition, they identified frequently-used malware intent on stealing credentials. 34% of such attacks used spoofed websites to steal credit card details and credentials, 60% used keylogger, trojan, and infostealer malware to obtain credentials, and 6% used malicious documents requiring user interaction.

    Regardless of the methodology, the goal is clear – cybercriminals need credentials to gain initial access, to escalate privileges, to move laterally, and to access data. It’s equally clear that phishing is the method of choice to obtain these credentials, making it necessary for organizations to elevate their user’s state of vigilance – something taught with security awareness training – to avoid engaging with malicious content in emails that would trigger the beginning of a cyberattack, even if the goal is to just capture credentials.

    Free Phishing Security Test

    Would your users fall for convincing phishing attacks? Take the first step now and find out before bad actors do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

    Here’s how it works:

    • Immediately start your test for up to 100 users (no need to talk to anyone)
    • Select from 20+ languages and customize the phishing test template based on your environment
    • Choose the landing page your users see after they click
    • Show users which red flags they missed, or a 404 page
    • Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
    • See how your organization compares to others in your industry
    Go Phishing Now

    PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/phishing-security-test-partner?partnerid=001a000001lWEoJAAW

    Sign Up to the TIO Intel Alerts!

    Back To Top