skip to Main Content

At The Identity Organisation, we're here to help!

    Your privacy is important to us, and we want to communicate with you in a way which has your consent and which is in line with UK Law on data protection. As a result of a change in UK law on 25th May 2018, by providing us with your personal details you consent to us processing your data in line with current GDPR requirements.

    Here is where you can review our Privacy & GDPR Statement

    To remove consent at any time, please e-mail info@tidorg.com with the word "unsubscribe" as the subject.

    +44 (0) 1628 308038 info@tidorg.com

    Vishing Attacks Increase 550% Over Last Year as the Financial Sector Continues to be a Primary Target

    Cybercriminals are continuing to bypass the use of malware in favor of response-based and credential-centric social engineering attacks, according to new data from Agari and PhishLabs.

    Malware-based attacks certainly are not dead, as threat actors need to gain control over endpoints, and ransomware continues to thrive. But new data from PhishLabs’ Quarterly Threat Trends & Intelligence Report shows that cybercriminals are favoring attacks that are less likely to be detected by security solutions – the greatest, of which, is vishing.

    According to the report, hybrid vishing now leads over business email compromise (BEC) as the second most reported response-based threat, with one in four reported response-based attacks being a vishing attack.

    Response-based threat – those attacks that rely on social engineering and requiring the interaction of a corporate user – represented 37.5% of email-based threats as well, with credential theft used in nearly 59% of attacks, and malware delivery only occurring in less than 4% of attacks.

    This breakdown demonstrates the power and effectiveness of the use of social engineering tactics and the longer-term play by threat actors to gradually gain the access needed to compromise networks and breach data.

    It also makes the case for the need for Security Awareness Training to counteract such tactics – whether the medium is email, web, voice, or text. If users are not fully-prepared for social engineering attacks, the trends outlined by the PhishLabs report indicate that cybercriminals will continue to win the battle, seeing more successful attacks via social engineering.


    Request A Demo: Security Awareness Training

    New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn’t a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your one-on-one demo of KnowBe4’s security awareness training and simulated phishing platform and see how easy it can be!

    PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/kmsat_quote-request_partner?partnerid=001a000001lWEoJAAW

    close

    Sign Up to the TIO Intel Alerts!

    Back To Top