Nearly 90 Percent of Global Enterprises Targeted by Phishing Attacks

Nearly 90 Percent of Global Enterprises Targeted by Phishing Attacks

Recently, cybersecurity solutions provider Proofpoint released the results of a major survey: The 2020 State of the Phish Report. This study reveals 88 percent of global organizations suffered attacks by business email compromise and spear-phishing attacks in 2019. Therefore, the 2020 State of the Phish Report uncovers the risks facing individual end-users. 

Other key findings from the Proofpoint 2020 State of Phish Report include: 

  • More than half—55 percent—of surveyed organizations dealt with at least one successful phishing attack in 2019. 
  • Additionally, IT security professionals reported a high frequency of social engineering attempts across a range of methods. 
  • Besides spear-phishing and business email compromise attacks, 84 percent encountered SMS/text messaging phishing.
  • 83 percent encountered voice phishing. 
  • 81 percent malicious USB drops.

In other words, enterprises are still vulnerable to phishing attacks and their diverse iterations and evolutions. Moreover, Proofpoint discovered 65 percent of surveyed professionals said their organization experienced ransomware infection in 2019. 

However, there seems to be good news; 78 percent also reported that security awareness training activities resulted in reductions in phishing targets. 

The 2020 State of the Phish Report in Context 

Joe Ferrara, senior vice president and general manager of Security Awareness Training for Proofpoint, gave a statement with the findings. “Effective security awareness training must focus on the issues and behaviors that matter most to an organization’s mission.”

“We recommend taking a people-centric approach to cybersecurity by blending organization-wide awareness training initiatives with targeted, threat-driven education. The goal is to empower users to recognize and report attacks.” 

Critically, enterprises must recognize that phishing attacks don’t always target users’ credentials. They can also plant dwelling threats into the network without triggering normal digital perimeter protections. 

You can read the full The 2020 State of the Phish Report from Proofpoint here. Also, you can get more information from the SIEM Buyer’s Guide. We cover the top providers and their key capabilities in detail. 


Ben Canner