New Trend Report From IRONSCALES Showcases How Email Phishing Attacks Have Organizations on the Hook

Share Article

12-month study analyzes 8,500 verified attacks against 500,000 mailboxes at 100 organizations located across Africa, Europe, Middle East and North America.

This report verifies that attackers have adopted numerous tools and techniques to circumvent traditional rules-based email security and spam filters.

IRONSCALES, the leader in anti-email phishing technologies, today published its first email phishing attack report called, Trend Report: How Modern Email Phishing Attacks Have Organizations on the Hook. The study, which was commissioned to identify trends in email phishing, such as attacker patterns, current phishing tools & techniques and emerging hacker preferences, analyzed more than 8,500 verified attacks against 500,000 mailboxes at 100 organizations within the financial services, insurance, healthcare and power industries, among others. All companies were located in either Africa, Europe, the Middle East and North America. To download a free copy of the report, visit https://ironscales.com/trendreport2017/.

Phishing has evolved from a mere nuisance into a global epidemic in which organizations of all sizes and across all industries are being negatively impacted at high frequency. In 2016 alone, the SANS Institute revealed that 95 percent of all cyberattacks began with spear-phishing; the Ponemon Institute reported 86 percent of all phishing attacks contain ransomware, and the Anti Phishing World Group (APWG) discovered a 65 percent increase in phishing attacks compared to the previous year, totaling 1,220,523 events worldwide.

Key Findings from IRONSCALES email phishing attack report include:

  • Spear-phishing is increasingly laser-focused - 77 percent of the verified attacks targeted only 10 mailboxes or less while one-third (33 percent) targeted just one single mailbox.
  • Blast campaigns have become micro-targeted - 47 percent of email phishing attacks lasted less than 24 hours while 65 percent of email phishing attacks lasted for less than 30 days.
  • Attackers testing ‘drip campaigns’ - Of the email phishing attacks that lasted for more than 30 days, 35 percent lasted for 12 months or more.
  • Targeted attacks bypassing traditional email spam filters - For every 5 brand spoofed attacks identified by spam filters, approximately 20 spear-phishing attacks bypassed the safeguard and went undetected.
  • Operations and finance were the most remediated departments while DHL, Google & Amazon were the most frequently spoofed brands.

“Sophisticated email phishing attacks represent the biggest threats to organizations of all sizes,” said Eyal Benishti, founder and CEO of IRONSCALES. “This report verifies that attackers have adopted numerous tools and techniques to circumvent traditional rules-based email security and spam filters. It’s now incumbent upon all organizational leaders to make sure that their employees are well-trained in phishing mitigation and that the cybersecurity technology in place is sophisticated enough to identify, verify and remediate email phishing attacks in real-time.”

Machine Learning Expedites Detection & Remediation of Cyber Attacks
The study also confirmed IRONSCALES’ value proposition that combining human intelligence with machine learning helps expedite detection and remediation from months to seconds. Of the 100 IRONSCALES' customers analyzed, 55 percent of organizations discovered attacks in one minute or less while 75 percent discovered attacks in less than 5 minutes. The false positive rate was as low as 2 percent on reported attacks.

In a concurrent study, IRONSCALES analyzed 12 companies that all began as customers within the same week during March 2016, each with approximately 5,000 mailboxes. Over the course of 12 months, users went from remediating less than 500 attacks during the first quarter to remediating almost 6,000 attacks during the final quarter. Such proliferation in attack remediation is due to an increase in employee awareness and training, attack intelligence sharing among organizations and additional integrations of AV and sandbox detection.

IRONSCALES provides a multi-layered and automated approach to prevent, detect and respond to today’s sophisticated email phishing attacks. By combining human awareness training with automatic incident response, automatic remediation and real-time automated actionable intelligence sharing, IRONSCALES reduces the time from phishing attack discovery to enterprise-wide remediation from months to seconds, with very little security team involvement.

For more information on IRONSCALES, visit http://www.ironscales.com and follow @ironscales on Twitter.

About IRONSCALES  
IRONSCALES is the leader in anti-email phishing technologies. Using a multi-layered and automated approach to prevent, detect and respond to today’s sophisticated email phishing attacks, IRONSCALES expedites the time from phishing attack discovery to enterprise-wide remediation from months to seconds, without needing much security team involvement. Headquartered in Raanana, Israel, IRONSCALES was founded by a team of security researchers, IT and penetration testing experts, as well as specialists in the field of effective interactive training, in response to the phishing epidemic that today costs companies millions of dollars annually. It was incubated at the 8200 EISP, the top program for cyber security ventures, founded by alumni of the Israel Defense Forces’ elite Intelligence Technology unit.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Evan Goldberg
ARPR
+1 855-300-8209
Email >
@IRONSCALES
since: 07/2014
Follow >
IRONSCALES

Visit website

Media

Iron Scales logo