Most businesses don’t have to look very far to find a cybercrime waiting to happen. Just take a peek at any employee’s email inbox, in particular the spam folder, and you’ll find any number of phishing emails in search of a victim. Email phishing persists despite decades trying to prevent it. Just ask a favorite target; the world of business and finance. They know phishing attacks are easier to do and unfortunately for them, they’re more costly than ever before.
Email phishing attacks endure despite decades trying to end this persistent cybercrime. The switch to hybrid working and using personal devices have greatly expanded the number of cybercrime targets. And it’s not a secret that successful phishing attacks can mean the start of a much bigger crime. Cybercriminals enter a data system via phishing, and once inside can infect it with their choice of malware. This means ransomware, account takeovers, identity theft, and stolen corporate funds are just some of the crimes email phishing facilitates.
Hefty Price Tags
Since most businesses and their employees depend on email to run, hackers know it’s a deep phishing pool. Barracuda Networks studied how deep the price tag can get for a business hit by this common crime.
Overall, the most costly email attacks averaged $1,033,066, an especially large amount for many businesses to pay. Large businesses averaged even more pricey attacks at $1,264,315, with the most costly single phishing attack at $1.5 million. Remember, one staffer acting on one phishing email is all it takes for a company to pay big bucks and take a potential hit to their reputation, which is hard to quantify.
For now, there’s no silver bullet to stop email phishing but there’s another effective option. With 96% of malware delivered via email, employees of every level from bottom to top benefit from recurring cybersecurity awareness training. A cyber-smart staffer who’s been trained to spot email phishing can keep an entire enterprise safe from attack.
Cybersecurity training should be a regular event since phishing and the malware it brings continue to change, improve, and trend over time. These attacks also take advantage of current events to snag victims. That’s one very good reason that a regular, updated cyber-education program can be one of the best investments in any company’s future security.