Do you know how to spot a phishing email and are you training your employees on this as well? Why, we ask? Because email phishing is still the #1 cause of malware infections for small businesses.
According to the Wombat 2018 State of the Phish report, 92.4 percent of malware is delivered via email, 76 percent of organizations say they experienced phishing attacks and 49 percent of successful phishing attacks resulting in malware infections. 38 percent of successful phishing attacks against businesses resulted in compromised accounts. Most businesses (64 percent) measure the cost of phishing through the loss of productivity for employees.
Email phishing is still the #1 cause of malware infections for small businesses.
Loss of downtime due to a click of an email containing a malware infection is incredibly expensive to small businesses, averaging at around $8,500 per hour according to Datto. According to those numbers, it makes complete sense why 60 percent of small businesses wind up out of business after a cyber attack.
In 2018 and due to the large rise in security breaches and the high chance that at some point, most people had at least one of their personal or business accounts compromised, and most consumers have learned to be more cautious about avoiding phishing scams. Still though, in 2015, a McAfee survey found that 97 percent of consumers were unable to correctly identify phishing emails. With the increasing rise of talented hackers, how many users are regularly trained to stay up to date with the latest malicious phishing techniques?
A McAfee survey found that 97 percent of consumers were unable to correctly identify phishing emails.
According to PhishMe's Enterprise Phishing Resiliency and Defense Report, phishing attempts have grown 65 percent in the last year. Studies from Symantec's 2018 Internet Security Threat Report (ISTR) concluded that around 54.6 percent of all email is spam and the average user receives 16 spam emails per month. If you only have 15 employees, that's 240 times a month you have to trust your employees' capability to 100 percent of the time be able to recognize a malicious and often legitimate looking email scam. That is roughly 2,880 attacks on your business throughout an entire year.
The importance of making sure not only you but your employees and customers are regularly provided resources to be able to prevent a cyber attack via email phishing is ever more critical for the continuity of your business. If you use an IT Support provider or have an internal IT person and they do not currently have cybersecurity awareness training and resources in their service offerings, you may want to consider a new provider or add this on through another service.
And since we want all businesses to be safe and realize a lot of this information may make your head spin, here are some free resources and Email Phishing Training tips and tools for you to utilize for DIY purposes in the meantime:
- KnowB4: Email Phishing Security Test and Free Phish Alert Button
- https://security.pii-protect.com: Email Phishing Quiz
- Small Business Big Threat: Cyber 101 Quiz
- Stay Safe Online: Free Online Security Checkup Tool
- OpenDNS: Email Phishing Quiz
- From The Purple Guys library: How To Train Your Employees Against Email Phishing Attacks and How To Spot Email Phishing Attempts Before You're On The Hook
For more information or to talk to someone about how to engage a program for Cybersecurity Awareness and Email Phishing Training for your employees, contact The Purple Guys today.
Kansas City: 816-221-3900 or St. Louis: 314-696-6700