Most of today’s nastiest cyberattacks like ransomware, business email compromise and account takeover all arrive at your company’s doorstep in the same way: through a phishing email. If that phishing email reaches employees, it’s highly likely that someone will take the bait. Human error is the biggest driver of cybersecurity incidents. That error might just be sending someone inside the organization the wrong file, but it could also be clicking a phishing message and unleashing a ransomware disaster, an expense no organization can afford. That’s what makes strong email security a cornerstone of any company’s cyber defense and a great way to save money.
Excerpted in part from our eBook The Business Case for Graphus. DOWNLOAD NOW>>
AI is the secret weapon you’re looking for to boost business email security. SEE WHY>>
Phishing is Outrageously Expensive
The 2021 Ponemon Cost of Phishing Study laid out the damage: the cost of phishing attacks has almost quadrupled over the past six years, with large U.S. companies losing an average of $14.8 million annually (or $1,500 per employee) to phishing. The study found that in an average-sized U.S. corporation of 9,567 people, that lost productivity translates to 63,343 wasted hours every year. Each employee wastes an average of 7 hours annually due to phishing scams. All in all, researchers estimate that it costs businesses an eye-popping 2,050 hours of tech time investigating and responding to one compromise or a shocking average of 10,906 hours estimated yearly. Assuming an average annual rate of $63.50 for tech support, that adds up to a total annual cost of $692,531, an increase from $381,920 in 2015 (this survey is at a 5-year interval).
Most Likely Departments to be Targeted by Phishing
by % of observed phishing messages
- IT = 74%
- Sales =35%
- Executives = 27%
- Marketing = 25%
- Customer Support = 21%
Source: Tech Republic
The Top 5 Sectors in Which Employees Interact with Phishing Messages
- Apparel and accessories
Source: Tech Republic
Companies Face a Flood of Phishing
The tide of phishing is rising, and its swamping employees with dangerous malicious messages every day. This is a problem that is getting worse and that will only continue. The UK Information Commissioner’s Office (ICO) recorded a staggering volume of email attacks in 2021 amounting to a 2,650% surge in phishing. ICO noted that they counted 150,317 phishing attacks in January 2021, which dramatically increased to a startling 4,135,075 in December 2021
- Malicious spam shot up by 2,775% between January and December 2021.
- Phishing messages climbed 20% between January and December 2021
- Malware attacks in 2021, commonly carried through phishing, boomed with a 423% increase
Learn how incident response planning boosts cyber resilience & security. GET THE EBOOK>>
Why Shouldn’t Humans be a Company’s First Line of Defense?
Humans Make Costly Mistakes
As long as there are humans involved in the process of adjudicating emails, mistakes will be made – and human error is responsible for an estimated 90% of security breaches like a data breach according to IBM’s X-Force Threat Intelligence Index. Phishing is hands down the most likely cause of a data breach – over 90% of incidents that end in a data breach start with a phishing email. It’s been ruling the roost as the top data breach threat for the last 3 years. A single data breach is hugely more expensive than it has ever been before either. In the IBM/Ponemon annual Cost of a Data Breach Report, the average cost of a breach in 2021 is estimated at $4.2 million per incident, the highest ever recorded in the 17 years of the study.
Social engineering is a major factor in causing employee mistakes. Cybercriminals are constantly coming up with new schemes to entice employees with clever, hard-to-detect malicious messages that lure them into a false sense of security. Unfortunately, they’re easily fooled. One-fifth of employees will fall for the phishing tricks that cybercriminals use in a malicious email, leading them to click dangerous links to provide information like passwords to a cybercriminal. 98% of cyberattacks contain one or more elements of social engineering.
See 10 reasons why Graphus is better than other email security solutions. SEE THE LIST>>
Employees Are Ideal Targets for Brand Fraud
One of the most likely ways that employees will encounter social engineering is through brand fraud. Employees receive email messages from companies like DHL, Amazon and Microsoft every day – but 25% of all branded emails that companies receive are fake. The Verizon Data Breach Investigations Report 2021 shows the rapid rise of brand impersonation as a precursor to a data breach, with this threat clocking in 15 times higher than it did in 2020.
The companies that employees correspond with in the course of doing business may not be who they say they are. It’s easy for cybercriminals to masquerade as legitimate businesses, especially if they’ve stolen an account at that company to use for nefarious purposes. That is a common scenario in business email compromise (BEC) attacks. BEC is a fast way for the bad guys to fleece employees out of money or information. The U.S. Federal Bureau of Investigation (FBI) cautions that BEC is 64x as dangerous to businesses as ransomware, responsible for 37% of all cybercrime losses last year. Business email compromise also has the highest cost per incident of any cyberattack
Learn the secret to ransomware defense in Cracking the RANSOMWARE Code. GET BOOK>>
One Misclick Could Become a Nightmare Fast
Just one click to open a spurious document or visit a sketchy link could leave your company facing one of today’s most dreaded cyberattacks: malware including ransomware. Employees are highly likely to make that click – CISCO’s 2021 Cybersecurity threat trends report shows that at least one person clicked a phishing link in around 86% of the organizations that they studied.
Ransomware has exploded in the last few years, with businesses in the US seeing a 127% year-to-date increase in the number of ransomware attacks they face while UK businesses have seen an eye-popping 233% surge in ransomware infections. A ransomware or other malware infection will cost a fortune in more ways than one. Beyond the ransom demand, on average $570,000, Companies impacted by ransomware lose an average of six working days and spend an average of $4.62 million to return to normal operations without including the ransom.
Still relying on an old-fashioned SEG? See why Graphus is better! SEE THE COMPARISON>>
Stop phishing immediately with Graphus – the most simple, automated and affordable phishing defense available today.
The best way to prevent employee mistakes when handling email from damaging your company is to eliminate employees from the equation. Graphus doesn’t make mistakes. Choose AI-powered, automated email security to quickly and efficiently protect your company from some of today’s nastiest phishing-related cyberattacks without breaking the bank.
- Forget old-fashioned safe sender lists. Graphus analyzes the content of messages using more than 50 points of comparison to suss out fakes fast.
- Plus, automated security is up to 40% more effective at spotting and stopping malicious messages like phishing emails than a SEG or conventional security.
- And, you won’t waste any time on fussy configuration or adding threat reports. AI does that for you, getting everything up and running with just a few clicks and minimal maintenance.
- Click here to watch a video demo of Graphus now.