Scammers will use any tactics to ensure they reach their target and get what they want, and businesses are attractive targets to criminals looking to extract money or install malware to steal data.
The rise of ‘Sextortion Scams’ are a prime example of criminals using human emotion to try and create panic in their victims and manipulate them into carrying out their goal.
The latest report from ProofPoint has highlighted that scammers are now attempting to cast a net as wide as possible when targeting businesses by focusing efforts on low-level employees and mailing groups.
The report found that:
- 30% of credential phishing attacks targeting generic company email addresses, such as sales@ or admin@
- 60% of phishing attempts spoofed more than 5 identifies within an organisation
- 80% of organisations were involved in attacks attempting to send email to 6 or more recipients within the organisation
- 40% of organisations were intended recipients of 50 or more phishing email attacks
|Source: ProofPoint Report|
These generic email addresses are easy for criminals to guess and have a higher distribution than trying to guess an individual’s email address.
This new trend highlights the need for ongoing cyber security training throughout the entire staff to empower them to work with a security mindset and lower the risk of attack in your business.
If you’re interested in how to get started training your staff, check out our blog post ‘Cyber Security Training: How to train your staff’ or take our free Phishing Test to see if anyone in your business would fall for a phishing email.