Employees Routinely Bite On Spear Phishing Scams

According to research from the business app and discovery platform GetApp, about a quarter of businesses have fallen victim to a phishing attack, and nearly half of employees surveyed say that someone in their organization has clicked on a phishing email. The same survey also found that only 27 percent of organizations provide social engineering awareness for their employees and that only three-in-ten businesses conduct regular tests to gauge their employees’ vulnerability and susceptibility to phishing scams. Some phishing schemes, such as spear phishing (sending fraudulent emails ostensibly from a trusted party in order to induce recipients to reveal confidential information), target specific members of staff within an organization. This is typically accomplished through social engineering. According to a spokesman for GetApp, the most vexing revelation is how many employees have clicked phishing emails compared to how few companies are actively training their employees to recognize them. “Spear phishing  is an effective and inconspicuous way of infiltrating a business, he says. “It’s vital that employees are taught to recognize it.”