Groups Similar Look up By Text Browse About



Similar articles
Article Id Title Prob Score Similar Compare
215616 ZDNET 2021-9-9:
Phishing attacks: One in three suspect emails reported by employees really are malicious
1.000 Find similar Compare side-by-side
215636 TECHREPUBLIC 2021-9-9:
The top keywords used in phishing email subject lines
0.812 0.611 Find similar Compare side-by-side
215457 ARSTECHNICA 2021-9-7:
Microsoft Outlook shows real person’s contact info for IDN phishing emails
0.006 0.412 Find similar Compare side-by-side
215668 TECHREPUBLIC 2021-9-9:
Malicious office documents: The latest trend in cybercriminal exploitation
0.394 Find similar Compare side-by-side
215529 ZDNET 2021-9-7:
Watch out for digital Hurricane Ida scams: SEC
0.364 Find similar Compare side-by-side
215781 TECHREPUBLIC 2021-9-8:
Enhancing cybersecurity skills for the entire workforce must be a priority for cyber-resilience
0.356 Find similar Compare side-by-side
215587 ZDNET 2021-9-6:
Cybersecurity is tough work, so beware of burnout
0.351 Find similar Compare side-by-side
215649 ZDNET 2021-9-10:
IT leaders facing backlash from remote workers over cybersecurity measures: HP study
0.336 Find similar Compare side-by-side
215783 TECHREPUBLIC 2021-9-9:
WFH is a cybersecurity "ticking time bomb," according to a new report
0.331 Find similar Compare side-by-side
215661 VENTUREBEAT 2021-9-9:
IT teams face employee resistance to security controls
0.329 Find similar Compare side-by-side
216056 TECHREPUBLIC 2021-9-13:
Protect your endpoints with top EDR software
0.319 Find similar Compare side-by-side
215720 ZDNET 2021-9-10:
US military reservist lands himself prison sentence for operating romance scams
0.312 Find similar Compare side-by-side
215782 ZDNET 2021-9-9:
91% of IT teams have felt 'forced' to trade security for business operations
0.305 Find similar Compare side-by-side
215980 TECHREPUBLIC 2021-9-13:
The Great Resignation: How two chicken restaurants illustrate the need for cultural change
0.299 Find similar Compare side-by-side
216090 ZDNET 2021-9-13:
Brazil debates creation of national strategy to tackle cybercrime
0.291 Find similar Compare side-by-side
215527 ZDNET 2021-9-7:
Howard University announces ransomware attack, shuts down classes on Tuesday
0.289 Find similar Compare side-by-side
215988 VENTUREBEAT 2021-9-11:
Only 8% of orgs with web apps for file uploads have adequate cybersecurity
0.288 Find similar Compare side-by-side
216052 TECHREPUBLIC 2021-9-13:
5 ways to better prepare your organization for a ransomware attack
0.284 Find similar Compare side-by-side
216037 TECHREPUBLIC 2021-9-10:
Your voiceprint could be your new password as companies look to increase security for remote workers
0.282 Find similar Compare side-by-side
215715 ARSTECHNICA 2021-9-10:
Amazon fights high warehouse turnover with offer of free college tuition
0.282 Find similar Compare side-by-side
215522 TECHREPUBLIC 2021-9-6:
Cybersecurity: Watch out for these unique fraudster tricks Loki would be proud of
0.282 Find similar Compare side-by-side
215484 ARSTECHNICA 2021-9-7:
ProtonMail removed “we do not keep any IP logs” from its privacy policy
0.273 Find similar Compare side-by-side
215704 THEVERGE 2021-9-9:
Vape receipts help DOJ nab man who allegedly botnetted thousands of passwords
0.272 Find similar Compare side-by-side
215588 ZDNET 2021-9-6:
This is the perfect ransomware victim, according to cybercriminals
0.272 Find similar Compare side-by-side
215997 TECHREPUBLIC 2021-9-13:
IoT device attacks double in the first half of 2021, and remote work may shoulder some of the blame
0.268 Find similar Compare side-by-side

1

ID: 215616

URL: https://www.zdnet.com/article/phishing-attacks-one-in-three-suspect-emails-reported-by-employees-really-are-malicious/

Date: 2021-09-09

Phishing attacks: One in three suspect emails reported by employees really are malicious

Up to a third of emails that were flagged as suspicious by employees were actually a threat, according to a new report. Phishing emails can claim to be from the post office and ask the user to re-schedule a fake delivery, or from the bank requiring some sort of update or confirmation.   All the time spent ticking boxes in cybersecurity training sessions seems to be paying off after all: according to a new report, about a third of emails reported by employees really are malicious or highly suspect, demonstrating the effectiveness of the well-established maxim "Think before you click".  IT security company F-Secure analyzed over 200,000 emails that were flagged by employees from organizations across the globe in the first half of 2021, and found that 33% of the reports could be classified as phishing. Best VPN services Virtual private networks are essential to staying safe online -- especially for remote workers and businesses. Here are your top choices in VPN service providers and how to get set up fast. Read More Phishing is a common technique used by cyber criminals to lure victims into doing what the hacker wants, whether that is providing personal information or downloading malware. It typically occurs via email, thanks to messages designed to look genuine, and which usually require the recipient to take some form of action.  Don't want to get hacked? Then avoid these three 'exceptionally dangerous' cybersecurity mistakes For example, phishing emails can claim to be from the post office and ask the user to re-schedule a fake delivery, or from the bank requiring some sort of update or confirmation; they sometimes look like they come from corporate departments. What they all have in common is that they try to convince the recipient to take action by clicking a link, providing some sensitive information or downloading an attachment, giving the hacker a way into carrying out an attack.  While phishing can occur through various means, including social media and even the phone, email is the most common method, which accounted for over half of infection attempts in 2020.   Targeting corporate emails, therefore, is an easy way for criminals to use employees as a bridge to hack a company, which is why businesses spend huge amounts of time and money on educating their staff so that they don't fall for the trick.  According to F-Secure's analysis, users submitted an average 2.14 emails each during the period of the research. On average, organizations with 1,000 seats report 116 emails per month. The most common reason users gave for reporting emails was a suspicious link, which was cited in almost 60% of the cases, and closely followed by spotting incorrect or unexpected senders. Participants also mentioned suspicious attachments and suspected spams as reasons to flag.   F-Secure's analysis shows that some words and phrases are associated with a high risk of phishing. They include "Warning", "Your funds has" or "Message is for a trusted".  This points to a common denominator in phishing emails : they are often made to play with the victim's emotions, and designed so that clicking on a bad link is the most intuitive and easiest thing to do.  Despite regular cybersecurity training and reminders that they should be careful, therefore, there is always a risk that employees will be deceived. Researchers have previously found that the average response rate to phishing attacks among employees stands at around 20% , with higher clickrates found for phishing simulations that contain authority or urgency clues.  Half of businesses can't spot these signs of insider cybersecurity threats But F-Secure's new study seems to show that employees still have a good eye for a phishing email. "You often hear that people are security's weak link. That's very cynical and doesn't consider the benefits of using a company's workforce as a first line of defense," said F-Secure director of consulting, Riaan Naude. "Employees can catch a significant number of threats hitting their inbox if they can follow a painless reporting process that produces tangible results."  Naude, however, also pointed out that employee-led efforts in the field of cybersecurity can also create huge amounts of additional work for cybersecurity teams that are already swamped.  And the number of emails reported by employees is only increasing. Over the past 18 months, cybersecurity teams have effectively had to adapt to the rise of remote working, which has hugely expanded the attack surface that hackers can target. As new working practices were deployed in a hurry, malicious hackers were able to exploit the reduced level of monitoring activity to target corporations even more aggressively.   The UK's National Cyber Security Centre's (NCSC) removed about 1.4 million URLs responsible for 700,000 online scams last year – that is, more content in 12 months than was taken down in the previous three years combined.