How Spear Phishing Puts Businesses on the Hook

Samuel Greengard Avatar

Updated on:

How Spear Phishing Puts Businesses on the Hook

How Spear Phishing Puts Businesses on the HookHow Spear Phishing Puts Businesses on the Hook

Detecting fake messages can be difficult even for those with a trained eye, and criminals are becoming expert at exploiting organizations from the top down.

In the CrosshairsIn the Crosshairs

84% of survey respondents estimated that a spear-phishing attack had penetrated their organization’s security defenses.

On the HookOn the Hook

On average, respondents estimated that 28% of spear attacks get through their organization’s security defenses.

Damage ControlDamage Control

The most common problems resulting from a spear-phishing attack: diminished employee productivity (41%), financial loss (32%), damage to company reputation (29%) and brand reputation (27%).

Taking StockTaking Stock

15% of respondents said that their company had experienced a decrease in stock price as a result of a successful spear-phishing attack.

Who's the Target?Who’s the Target?

Leading targeted over the last 12 months include: IT (44%), financial teams (43%), sales staff (29%), CEO (27%) and other executive staff (24%).

Preparation Is LackingPreparation Is Lacking

Only 11% of respondents think their organization is fully prepared to deal with spear-phishing attacks.

Training BreakdownTraining Breakdown

Nearly 80% of organizations use staff training to prevent attacks. However, only 3% of those that test employees’ responses to spear-phishing attacks find that all employees passed.

Bad Marks AboundBad Marks Abound

On average, respondents estimated that 16% of staff failed their organization’s most-recent spear phishing test.

Solutions MatterSolutions Matter

71% of organizations have implemented a solution to prevent spear phishing. Within this group, 80% use a secure e-mail gateway and 64% rely on a secure Web gateway.

Costs CountCosts Count

On average, respondents estimated the financial impact of spear phishing to their organization over the last 12 months to be more than $1.6 million.

RecommendationsRecommendations

Use more modern security technologies designed to protect against spear phishing and continue to educate and train employees—from the C-suite to administrative groups—to spot bogus messages.

Samuel Greengard Avatar