The increase in remote users mixed with a lack of adjusting to cloud-based security services likely created the perfect opportunity for cybercriminals.
I’ve already talked about how remote employees develop bad cybersecurity habits, and how this less-than-secure activity is creating risk for the organization. New data from Palo Alto Network’s Unit42 division covering the current state of phishing attacks puts the results of improper security and bad remote user behavior into perspective.
According to Unit42:
- New Phishing URLs per week jumped from around 20,000 in April of 2020 (near when the pandemic began to impact most businesses) to nearly 50,000 in April of 2021
- Business-related phishing URLs saw a similar jump during the same timeframe, from approximately 28,000 in April of 2020 to approximately 62,000 in April of 2021
- Interestingly, the number of phishing URLs saw a drop towards the end of 2020, with sharp increases this year
- Even so, the amount of phishing traffic for remote users was nearly triple that of on-premises users – which may be explained away by the sheer number of remote employees
- Telecommunications were, by far, the most targeted industry vertical by almost double that of the next industry in Unit42’s list – High Tech
Phishing has established its position as one of the primary ways threat actors gain access to your network. Putting security measures in place to stop these kids of attacks are critical – URL filtering, DNS filtering, email scanning, and Security Awareness Training all play a role in stopping email-based threats.
If you don’t have a layered security strategy in place including the solutions above, you’re not reducing the threat surface and the risk of successful attack.
Free Phishing Security Test
Would your users fall for convincing phishing attacks? Take the first step now and find out before bad actors do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.
Here’s how it works:
- Immediately start your test for up to 100 users (no need to talk to anyone)
- Select from 20+ languages and customize the phishing test template based on your environment
- Choose the landing page your users see after they click
- Show users which red flags they missed, or a 404 page
- Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
- See how your organization compares to others in your industry
PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/phishing-security-test-partner?partnerid=001a000001lWEoJAAW