The growing threat of cybercrime, from inside and outside the organization, calls for robust countermeasures. We take a look at some of the Status Quo from 2020, so that we can put our focus on what's needed to keep the cyberattackers at bay.
The cybersecurity sector has rapidly grown in 2020. By 2022, it is expected to reach $170.4 billion. Every industry is concerned with protecting sensitive digital information - from healthcare, medical, and biotech industries, to communications, PR, and advertising, to military, aerospace, defense industries, and many more.
Social cyberattacks (through phishing and compromised emails) are the leading cause of computer security breaches, alongside credential theft and human errors.
NetSTAR declares that the number of phishing attacks increased during COVID-19. In some areas, this number has more than doubled, while it rose over a staggering 600% in others.
Phishing emails are those that impersonate well-known brands and companies. The most common brands that are impersonated in phishing emails are:
Apple (10%) Netflix (9%) Yahoo (6%) WhatsApp (6%) PayPal (5%) Chase (5%) Facebook (3%) Microsoft (3%) eBay (3%) Amazon (1%)
With the outbreak of a global pandemic, hackers altered their tactics to target those who have transitioned to working from home; now, one of the most impersonated brands in email attacks is Zoom.
Verizon states that 60% of phishing attempts are aimed at people’s credentials, while 50% are also looking for additional personal information. Some other types of information that can be obtained during a phishing attack are:
Medical records Bank statements Secrets Classified information Payment records IT system data, and more
Because scammers are particularly focused on money, payment and invoice fraud has increased by 112% in the first half of 2020. Finance employees are the most likely targets of these phishing emails, at 87%, compared to individuals working in other industries.
Malicious Email Attachments
Even though the year 2020 was most certainly the year of phishing attacks, we shouldn’t ignore the presence and prevalence of other types of malicious emails. Malware email attachments are designed to collect data and corrupt the information on a user’s computer.
It is essential to know that malicious attachments don’t only come in the form of .exe files. In fact, according to Symantec, the most common type of malicious attachments are .doc and .dot files (37%), followed by .exe at 19.5%.