• Log in
  • About Us
  • Privacy Policy
  • Contact us
Telecoms IT News - VanillaPlus
  • Home
  • News
  • Verticals
    • 4G
    • 5G News
    • Big data analytics
    • Bill & Charge
    • CEM
    • Companies
    • Digital transformation
    • Fraud prevention
    • Managed services
    • Network optimisation
    • NFV Hub
    • OSS
    • People
    • Policy
    • Revenue assurance
    • Revenue management
    • Service assurance
    • Service Provisioning
    • Test & measurement
  • Digital Edition
  • Events
    • Events diary
    • Webinars
  • Videos
  • VP Featured
    • Webinars
    • Podcast
    • Editorial advisory board
    • Expert opinions
    • Hot List
    • Operator View
    • Press releases
    • Reports & whitepapers
    • Special reports
    • Talking Heads
    • Troubleticket
    • Digital Talking Heads
  • Directory
  • Trending Tech
  • Subscribe
 

You are here:

  • Home
  • Comms security News
  • The phishing hook may be seen, but employees are still unlikely to report it

The phishing hook may be seen, but employees are still unlikely to report it

14 August, 2015 at 1:30 PM

Posted by: Milan Goldas

The phishing hook may be seen, but employees are still unlikely to report it

A survey of over 200 IT professionals at this year’s InfoSecurity Europe event has found that, while almost 80% of organisations have a process for employees to report phishing emails to the IT/security department, most don’t.

In fact, over half of those spoken with (52%) estimated employees report less than 25% of dodgy emails. Digging a little deeper revealed only 8% think that more than 75% of suspicious messages are reported.

This surprising statistic comes in the wake of countless recent phishing incidents surfacing in the media, with some incurring personal costs of almost £50,000. The study, conducted by Phish’d by MWR InfoSecurity – a fully managed phishing assessment service designed to maintain a heightened level of security awareness across an organisation, found that organisations are all too aware that email offers a passage into an organisations’  infrastructure with 64% believing it’s the weakest entry point that could result in the compromise of internal systems.

“I’m reassured by the high percentage of organisations that have a reporting process for phishing messages but somewhere along the line something is going wrong as employees simply aren’t using these reporting processes. The sad reality is that, while spam filters and anti-phishing software will prevent some of the nuisance messages landing in people’s inboxes, more targeted phishing messages are purposefully designed to avoid detection and usually get through to the intended recipient, even in companies using the latest technological controls. Ultimately, it comes down to employees to report targeted phishing attacks; so organisations need to ensure their workforce is educated and empowered enough to use the correct reporting process,” explains James Moore, senior security consultant of Phish’d.

James continues, “Our experiences tell us that, if a phishing message does manage to coerce the individual into either clicking or downloading a payload, the malware it delivers will almost certainly slip in and then conceal itself. Once on the network, malware can allow an attacker to start spreading out across a network; turning the compromise of one users’ workstation into a much larger issue. Of course, the ideal is for users not to be tricked in the first place but, assuming someone will be fooled, if other colleagues have reported the message the IT team can at least be aware that something may have got in and start tracing other likely points of entry to contain the damage and eradicate the infection.”

Even companies that have effective tools for reporting scam emails tend not to train their employees how to spot them, as only 45% of the companies questioned during this survey regularly train their staff to spot friend from foe in their inboxes. Organisations are often quick to assure their clientele that they keep data secure and stringently maintain their defences against cybercriminals – however, this survey highlights that even businesses that have plans and processes to prevent phishing being used as an attack vector, the lack of implementation weakens defences.


category: News, Press Releases

Tags: InfoSecurity Europe, IT

VanillaPlus Q4 Magazine
 

VanillaPlus Issue 4 2022: CSP focus turns to generating revenue from enterprises

As 5G arrives, private networks start to gather momentum and new applications enabled by artificial intelligence (AI), machine learning and software-based network control transform telecoms. VanillaPlus caught up with Sam Barker, the head of analytics and forecasting at Juniper Research, to understand where the opportunities lie for communications service providers (CSPs).

READ NOW

Comments are closed.

  • Facebook
  • Twitter
  • YouTube
  • LinkedIn
  • Subscribe
Relax time
Read the new novel by J.J. Cowan on Africa’s conflict minerals trade and forced labour. 5* Reviews on Amazon.co.uk Paperback & Kindle

Check out on Amazon

X

Be the first to know!

  • The top telecom IT news stories of the minute
    in your inbox
  • Exclusive offers for entry into hundreds of
    events worldwide
  • Free access to a huge selection of the latest
    analyst reports and whitepapers
Subscribe now so you don't miss out
Don’t show me this again
Please check your email
x
Vanillaplus - The Global Voice of Telecoms IT
The Global Voice of Telecoms IT

VanillaPlus is the world-leading resource covering digital transformation for the communications industry. VanillaPlus brings you exclusive News, Expert Views, and Event Reviews. See Interviews from CEOs, CTOs, and COOs who are successfully transforming their business today.

Connect

Facebook Twitter YouTube LinkedIn

NEWS

  • Latest Telecoms IT news

DIGITAL EDITION

  • Latest Editions

OTHER

  • Newsletters [Archive]

KNOWLEDGE CENTRE

  • Webinars
  • Special Reports
  • Talking Heads
  • Editorial Advisory Board

COMPANY

  • About
  • Contact Us
  • Terms & Conditions
  • Privacy Policy

PARTNERS

  • IoT News

© 2014-2022 VanillaPlus - The global voice for telecoms IT. All rights reserved.