Earlier this month we reached out to IT decision makers across the UK, asking them to share their key concerns and recent experiences with advanced targeted threats: specifically, Spear Phishing, Account Takeover, CEO Fraud and Domain Fraud.
Respondents ranged from small start-ups with 20 users all the way up to enterprises with 5,000 users, offering insights into the effects of these targeted attacks across the whole scale.
Our goal in carrying out this study was to find out which of these growing threats is most concerning to IT professionals, to see how these opinions have been shaped by recent news, personal experiences, and the evolving nature of certain tactics, and to discover what actions organisations are taking in response to these concerns.
Spear Phishing has been one of the biggest threats to businesses and individual users alike over the last few years, but this prevalent threat could soon be overshadowed by more advanced tactics. Although it is still the most commonly experienced threat, with 50% of respondents reporting an attempted attack within the last year, concerns over Spear Phishing were matched exactly by both Account Takeover and CEO Fraud, despite these threats being encountered less frequently.
Out of the 60% of respondents who had experienced one of these targeted threats in the last year, 83% suffered an attempted Spear Phishing attack.
This could be a sign that organisations suffering from these Phishing attacks are learning from their mistakes and implementing advanced security solutions, giving them confidence in their defences for this area in the years to come, but it could also offer an insight into just how quickly these alternative attack methods are developing behind the scenes.
As mentioned above, respondents reported a high level of concern over Account Takeover, matching that of Spear Phishing at 30%. On top of this, a huge 40% of businesses stated they had experienced an attempted Account Takeover during the last year, falling behind Spear Phishing by just 10%.
These results clearly reflect the current commentary of industry experts who are warning users of this growing threat, but they don't answer the question of why this threat is growing so quickly. A likely theory is that these developments are linked to the large data dumps that made headlines in January, which stored billions of compromised log-in details in a single location and made it much easier for criminals to compromise accounts through credential stuffing.
The main insight we wanted to focus on after reviewing these survey results is the lack of appropriate security solutions in place amongst these organisations, despite the high levels of concern.
With 65% of businesses still not implementing AI-based technologies, it seems that users are still somewhat reliant on traditional email gateway security, which is unable to detect these complex attacks. Advanced targeted attacks can slip past these rule-based defences easily, as they often contain no malicious payload and, because of their personalised nature, will not match previously reported attacks. AI, on the other hand, can recognise patterns and abnormalities in behavioural factors like tone of voice, writing style, and email intent.
On top of this, despite 60% of respondents being concerned about advanced threats currently residing in their Office 365 environment, 55% had never used an email threat scanner or any similar free tools to check user inboxes.