Phishing attacks continue to plague businesses, with as much as 94 per cent of companies falling victim to this type of cybercrime in the past year alone, according to the latest Egress ‘Email Threat Landscape 2024’ report.
The Egress report highlights organisations’ evolving cybersecurity challenges, particularly involving phishing attacks, and has sparked concern among industry experts and cybersecurity leaders.
Egress revealed that 96 per cent of companies affected by phishing attacks experienced negative repercussions, up from 86 per cent in the previous year. Repercussions extend beyond financial losses, significantly impacting individuals within organisations. The main phishing attacks identified in the report include malicious URLs, malware or ransomware attachments, and compromised account infiltrations.
The escalating sophistication of cybercriminal tactics poses a significant challenge for organisations and their employees in identifying and combatting these attacks, leading to an increase in successful breaches and their associated damages.
AJ Thompson, chief commercial officer at Northdoor plc, commented on the findings: “We have all learned over the past couple of years that phishing is one of the most effective ways for cybercriminals to gain access to a company’s data and infrastructure. The extent of the attacks is perhaps less well-recognised, which makes Egress’ report all the more shocking.”
Furthermore, 74 per cent of employees involved in attacks faced disciplinary actions, dismissals, or voluntary departures, underscoring the severity of the issue and the heightened vigilance among companies in addressing the phishing threat.
The cost of phishing attacks
The organisational costs stemming from successful phishing attacks are substantial, with financial loss from customer churn accounting for 47 per cent of the overall impact. Additionally, reputational damage, fines, regulatory penalties, lengthy remediation processes, and legal repercussions further compound the aftermath of these attacks, amplifying the burden on affected companies.
Cybersecurity leaders are particularly concerned about the rise in supply chain-related phishing attacks, which bypass traditional perimeter defences and undermine investments in frontline cybersecurity measures.
The report revealed that 51 per cent of respondents fell victim to successful phishing attacks from compromised third-party accounts, emphasising the critical need for organisations to understand their partners’ systems and cybersecurity policies comprehensively.
Egress is now urging cybersecurity leaders to adopt new and robust monitoring measures to mitigate potential threats and identify vulnerabilities. This will ultimately safeguard critical data and reduce the impact on individuals and organisations.
