Sophos Releases Phishing Insights 2021 Report
Sophos recently released its “Phishing Insights 2021” report. The report polled 5,400 IT decision-makers in 30 countries on their phishing experiences for 2020. The results indicate that a vast majority of companies experienced more phishing attacks via email in 2020.
Sophos develops products for communication endpoint, encryption, and email security. Additionally, it provides cloud-native data security, network security, mobile security, and unified threat management. Among its offerings, Sophos offers the Intercept X Endpoint, the XG Firewall, and Managed Threat Response.
According to the Phishing Insights 2021 report, 70 percent of enterprises faced an increase in phishing emails. When broken down by industry, central government organizations endured the most attacks (77 percent) followed by business and professional services (76 percent) and healthcare (73 percent). Of the 500 companies in the United States polled for the report, 76 percent reported the increase in phishing.
Interestingly, IT decision-makers disagreed on what constitutes a phishing attack; while a majority stated that phishing attack emails resemble emails from legitimate organizations, others defined it as any email with a bad link.
Chester Wisniewski, principal research scientist at Sophos, gave a statement with the report. “The temptation for organizations can be to see phishing attacks as a relatively low-level threat, but that underestimates their power. Phishing is often the first step in a complex, multi-stage attack. According to Sophos Rapid Response, attackers frequently use phishing emails to trick users into installing malware or sharing credentials that provide access to the corporate network. The team has seen first-hand how a seemingly innocuous email can ultimately lead to a multi-million-dollar ransomware attack. Cryptojacking, data — and even financial — theft are all potential outcomes after a phishing attack has opened a door for adversaries.”
Learn more about Sophos here.