sb-au logo
Story image

Australian professionals high target for cyber crims, new study shows

More than half (54%) of surveyed Australian Infosec professionals faced phishing-triggered ransomware infections in 2019, according to a new report titled ‘State of the Phish’ by Proofpoint.

This is more than any of the other six countries surveyed, including the US, UK, Japan, Germany, France and Spain, and highlights the need for user training and email reporting as spear phishing attacks increase, Proofpoint states.

However, Australian working adults were the most likely of all global respondents to correctly identify the definition of ransomware.

Proofpoint’s report examines global data from nearly 50 million simulated phishing attacks sent by Proofpoint customers over a one-year period, along with third-party survey responses from more than 600 information security professionals in the US, Australia, France, Germany, Japan, Spain, and the UK.

The report also analyses the fundamental cybersecurity knowledge of more than 3,500 working adults who were surveyed across those same seven countries.

Proofpoint country manager Australia and New Zealand Crispin Kerr says, “Australian organisations must take an active approach to cybersecurity education. Criminals are constantly refining their attack methods, using sophisticated emails lures, phone calls, and SMS to snare as many victims as possible.

“Attackers do their homework, and their messages often seem personally relevant to recipients. Regular company-wide training is crucial to make sure staff can spot the warning signs and keep themselves and their organisation safe.”

The research also uncovered that 63% of Australian companies provide company-wide cybersecurity training highlighting the opportunity for increased user training to help combat cyberattacks in 2020. Cybercriminals are also using increasingly sophisticated methods to lure victims.

In fact, 52% of Australian organisations experienced vishing, which sees criminals impersonating legitimate sources via phone calls, while 58% experienced smishing, which uses SMS as a channel to attack users.

The report also showed more than half (56%) of Australian organisations report that rate of phishing attacks observed either decreased or stayed the same in comparison to the previous 12 months, reflecting the new tendency of criminals to forgo high-volume attacks in favour of more targeted methods.

Despite 79% of Australian organisations reporting a reduction in phishing susceptibility after the delivery of cybersecurity training, just over half (53%) conduct active cybersecurity training by way of simulated phishing attacks one of the most effective way of educating staff.

Story image
Okta, CrowdStrike, Netskope and Proofpoint create shared zero trust security strategy
Okta, CrowdStrike, Netskope and Proofpoint have joined forces to develop and launch an integrated, zero trust security strategy, stating that this is crucial for today’s digital and remote working environments.More
Story image
Cyber attacks keeping business leaders up at night, new research finds
Data breaches and insider threats are keeping organisations up at night, according to new research from KnowBe4, the security awareness training and simulated phishing platform.More
Link image
Scale-out multi-protocol storage & data management with Hedvig
The advantages of data growth are clear if they are harnessed properly: Agility, scalability, and lower costs are but a few of those advantages. Find out how you can make these a reality with Hedvig.Register Here
Story image
Training is essential to build cybersecurity awareness
More than ever, businesses need to ensure that all their workers have the right skills and training to protect the business from cybercrime.  More
Story image
Businesses move to cloud-based security solutions in a bid to support remote working
Cloud-based security tools are becoming increasingly popular following the rise in remote working during COVID-19, including a marked increase in businesses using such tools to protect of corporate financial information.More
Link image
The make or break moment: How fast can your security team mitigate threats?
For anyone in the race to detect and respond, it isn’t a choice whether to use PCAPs or metadata capture. Here's why.More