Skip to main content

Phishing attacks hit more businesses than ever last year

Hook on Keyboard
(Image credit: wk1003mike / Shutterstock )
Audio player loading…

Phishing attacks hit more businesses than ever last year, and as a result - more attacks were successful, new research from Proofpoint has found.

Surveying 600 information and IT security professionals, as well as 3,500 workers in the US, Australia, France, Germany, Japan, Spain, and the UK, Proofpoint said more than three quarters (78%) businesses everywhere saw email-based ransomware (opens in new tab) attacks last year.

At the same time, 77% suffered business email compromise (BEC) attacks last year, up 18% on 2020. 

TechRadar needs yo...

We're looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn't take more than 60 seconds of your time. Thank you for taking part.

>> Click here to start the survey in a new window (opens in new tab) <<

Employees targeted

Of all the businesses attacked by phishing, 83% have had at least one instance where the attack was successful (significantly up from the previous year’s 57%), meaning criminals got better at stealing login credentials and identities (opens in new tab). Consequently, more than two-thirds (68%) were forced to tackle at least one ransomware infection. 

“Where 2020 taught us about the need to be agile and responsive in the face of change, 2021 taught us about the need to better protect ourselves,” said Alan Lefort, SVP and GM of Security Awareness Training for Proofpoint.

“As email remains the favored attack method for cybercriminals, there is clear value in building a culture of security. In this evolving threat landscape and as work-from-anywhere becomes commonplace,’ it is critical that organizations empower their people and support their efforts to learn and apply new cyber skills, both at work and at home.”

The pandemic seems to have exacerbated an already painful problem. Some four in five (81%) organizations said more than half of their employees were now remote, but just 37% educate their workers about best cybersecurity practices in such an environment. 

Almost all of the workers surveyed (97%) have a home Wi-Fi network, but just 60% have it password-protected, Proofpoint proves its point (pun definitely intended). 

These numbers both in attacks, and successful incursions, are “staggering”, says Adenike Cosgrove, Cybersecurity Strategist, International, Proofpoint. 

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.