Phishing. O365. Cyber Security.
A quarter of phishing emails bypass Office 365 security
Email phishing is one of the most often used – and most successfully used – attack vectors that lead to cybersecurity incidents and breaches.
Microsoft is the most impersonated brand
“Cloud based email, with all of its benefits, has ushered in a new era of phishing attacks. The nature of the cloud provides even more vectors of which hackers take advantage, and even broader access to critical data when a phishing attack is successful,” says cloud security company Avanan.
And, unfortunately, too many phishing emails evade the default security protection implemented by the cloud providers.
According to their recent Global Phish Report, which presents insights from 55.5 million emails that passed the default security and were then scanned by their security solution, 30.3% of phishing emails sent to organizations using Office 365 Exchange Online Protection (EOP) were delivered to the inbox.
Of the 561,947 phishing emails they detected and analyzed:
50.7 percent contained links pointing to malware or delivers the malware as an attachment40 percent were after credentials (of email accounts, online banking, etc.)8 percent were extortion attempts(A mere) 0.4 percent were spearphishing emails.
“Although spearphishing is far less common than the other three vectors, it often has the largest impact. Spearphishing attacks target high level employees who have access to either company finances or other sensitive information,” the company explains.
“These phishing attacks can also be the most difficult to detect, given the lack of attachments or links that can be flagged by anti-phishing tools.”
inSync Computer Solutions has partnered with a nationally renowned cyber security awareness training. Your users are your last line of defense. They need to be trained & remain on their toes with security top of mind!
Phishing Reply Test
Highly targeted phishing attacks, known as CEO fraud scams, have exceeded $12.5 billion in total known losses worldwide. The bad guys use these social engineering attacks to impersonate your CEO and convince your users into sharing sensitive information. Find out now if key users in your organization will reply to a highly targeted phishing attacks.
Bad guys are constantly coming out with new versions of ransomware strains to evade detection. Is your network effective in blocking ransomware when employees fall for social engineering attacks? RanSim simulates 13 ransomware and 1 cryptomining infection scenario to show you any vulnerabilities in your network.
Phishing Security Test
Find out what percentage of your users are Phish-prone™ with your free Phishing Security Test. Why? If you don't do it yourself, the bad guys will. Plus, see how you stack up against your peers with phishing Industry Benchmarks. Test your organization now, the Phish-prone percentage is usually higher than you expect and is great ammo to get budget.
Contact us for more information on Security Awareness Training! (949) 837-5000