sb-au logo
Story image

Australian professionals high target for cyber crims, new study shows

More than half (54%) of surveyed Australian Infosec professionals faced phishing-triggered ransomware infections in 2019, according to a new report titled ‘State of the Phish’ by Proofpoint.

This is more than any of the other six countries surveyed, including the US, UK, Japan, Germany, France and Spain, and highlights the need for user training and email reporting as spear phishing attacks increase, Proofpoint states.

However, Australian working adults were the most likely of all global respondents to correctly identify the definition of ransomware.

Proofpoint’s report examines global data from nearly 50 million simulated phishing attacks sent by Proofpoint customers over a one-year period, along with third-party survey responses from more than 600 information security professionals in the US, Australia, France, Germany, Japan, Spain, and the UK.

The report also analyses the fundamental cybersecurity knowledge of more than 3,500 working adults who were surveyed across those same seven countries.

Proofpoint country manager Australia and New Zealand Crispin Kerr says, “Australian organisations must take an active approach to cybersecurity education. Criminals are constantly refining their attack methods, using sophisticated emails lures, phone calls, and SMS to snare as many victims as possible.

“Attackers do their homework, and their messages often seem personally relevant to recipients. Regular company-wide training is crucial to make sure staff can spot the warning signs and keep themselves and their organisation safe.”

The research also uncovered that 63% of Australian companies provide company-wide cybersecurity training highlighting the opportunity for increased user training to help combat cyberattacks in 2020. Cybercriminals are also using increasingly sophisticated methods to lure victims.

In fact, 52% of Australian organisations experienced vishing, which sees criminals impersonating legitimate sources via phone calls, while 58% experienced smishing, which uses SMS as a channel to attack users.

The report also showed more than half (56%) of Australian organisations report that rate of phishing attacks observed either decreased or stayed the same in comparison to the previous 12 months, reflecting the new tendency of criminals to forgo high-volume attacks in favour of more targeted methods.

Despite 79% of Australian organisations reporting a reduction in phishing susceptibility after the delivery of cybersecurity training, just over half (53%) conduct active cybersecurity training by way of simulated phishing attacks one of the most effective way of educating staff.

Story image
Video: 10 Minute IT Jams - The benefits of converged cloud security
Today, Techday speaks to Forcepoint senior sales engineer and solutions architect Matthew Bant, who discusses the benefits of a converged cloud security model, and the pandemic's role in complicating the security stack in organisations around the world.More
Story image
The guide to digital security in unstable times
An increase in vulnerability across different sectors has meant that 2020 has seen more than its fair share of cybersecurity incidents. One of the most effective ways to combat the perils of today’s cyber-threats is to gain a better knowledge of the threat vectors looming over the heads of organisations. More
Story image
Video: 10 Minute IT Jam – Who is Cohesity?
If you could pick two words to describe Cohesity, ‘data management’ fit very well.More
Story image
Spending on managed security services in A/NZ to grow despite COVID headwinds
COVID-19 has changed security priorities significantly, and managed security services in A/NZ are set to benefit. More
Story image
Cryptomining trojan malware discovered by ESET researchers
The malware, primarily targeting victims in Czechia and Slovakia, prioritises subterfuge through deployment of multiple techniques to avoid detection, and leans heavily on the Tor network and BitTorrent protocol to achieve its goals.More
Download image
74% of APAC IT leaders say security culture is essential to business success
You can join these leaders in designing security awareness and training with your employees in mind.More