New data shows phishing attacks remain high and few are spared

These reports keep demonstrating the necessity for education. Not only in cybersecurity but in technology in general.

Especially the decision makers and “power” users.

While I agree that having them available without signing in here would be useful for some, I for one like being notified through this system and reading the comments that Tyler adds to just reading a report. There is some perspective and content that is not necessarily obvious in some reports, which can often be “a little dry.” But additional and flagging by Tyler not only call my attention to these reports, but add some excellent background. 

So thanks for the excellent writeup Tyler, and access to the reports as well. 

Thank you and many people already said it well.

Im just here for ps2 mice from the early Naughtys.

Great article. I will share it with my colleagues.

Unless the staff take and act on fake phone calls from “Microsoft/Google/Amazon/ISP staff”,  phishing is the best way to get the criminals in to the network.  Its no surprise they want a privileged IT users account and that employees think that they don’t know really whats happening, they may be the targets but are not the fighting front line.  I can’t see any let up in phishing, with crypto and blockchain being further deployed. its going to get much worse.  All those gleaned credentials of people employees already know, get more valuable daily.

The more layered support from software can only help so far. Unfortunately it is the training that needs to keep up as well, as those users have a habit of becoming victims.

Great content. One of the many reasons I joined

Great article, thank you very much for sharing.

It seems that any Security Awareness Training really should begin within your own organisation before rolling it out to clients, especially with IT generally being such a large target.

No attacks for us but we’ve seen an uptake for customers. User awareness training is vital. Users will always be the weakest link no matter how advanced and secure businesses make their IT.

Monthly training at a minimum with business backing on training and reviews to make sure people get the message and understand the risk.

We have started seeing an increase in phishing scams during the lockdowns. User training has been an increasing concern as we have had more users email us with a phishing email asking if it was legit or not. It’s good that the users are asking us first instead of clicking, but we still don’t know if other users are clicking on those emails.

SAT would and has been great for finding out those click happy users so we can give them proper training.

Thanks for the article, its good to know that a large amount of people have experienced the rise in Phishing scams.

Good ready Tyler, thanks!

Not surprised IT departments are a target. We all know that MSPs are a target as well due to their client base.

We have actually put SAT in place as a standard service feature for our client base.

I can say from experience that proper SAT makes a difference. It may be hard to get buy in at first, but once the program is in place the results are undeniable. Phishing is a huge issue for most orgs and not addressing IT risks head on is a recipe for disaster. I am thankful to work for an org that listens to recommendations and doesn’t just think of IT as overhead.