Phishing Attacks Work !
Orion Software provides a fully managed online service, delivering solutions that can help eliminate Phishing attacks.
Targeted spear phishing has been widely reported to be the most effective method of breaching an organisation’s information security defences. In 2013, Trend Micro reported that over 90% of successful data breaches started with a targeted phishing attack. Despite huge investments in security technology, RSA, Google and Microsoft are all high-tech, high-profile examples of companies falling victims to this form of attack. Hundreds of thousands of SMEs have been hurt and their business impacted by Ransomware attacks such as Cryptolocker launched through a spear phishing email.
What most organisations security technology investments are missing is proper acknowledgement of the role of the human element in information security. Phishing is social engineering, using personalisation, motivation and incentives to persuade its targets into performing the desired action of clicking on a link in an email, downloading and opening an attachment or entering login credentials on a bogus website. Once this happens, the attacker has penetrated the network and has a foothold from which to launch his specific attack.
The attack on Target Corporation which exposed credit card and personal data on more than 110 million people was initiated through a malware-laced email phishing attack to a supplier. It is widely acknowledged that people are an organisation’s weakest link. Targeted phishing campaigns are unmistakably exploiting this fact successfully and will continue to do so until users understand the threat, recognise the level of potential damage their ill-advised actions can cause and are educated to become an effective counter measure.