This is not unexpected. Cybercriminals are fairly smart and they are motivated to target the resources with the greatest and/or most effective access. As more and more of the world moves their respective Exchange and Active Directory resources to the cloud, O365 and Azure administrators move up the valued target list.
This article simply points out something we have known for some time. We must take phishing threats and associated awareness training seriously. This must become a priority for every organization, large and small. This issue also places a brighter spotlight on the security associated with service providers and 3rd party administrators. Make sure your security controls take those resources into consideration as well.
Have you noticed a significant increase in phishing messages over the past year? Have you noticed that these messages seem to be better crafted, harder to identify, and generally very sneaky? The stats from the team at KnowBe4 bear out the truth that most of us have been living over the last couple of years.
This significant increase in well crafted phishing messages should be a strong motivator to increase awareness training for our end users.
This is a great tool provided by Google to walk you through the pitfalls of distinguishing between legitimate and “phishy” emails. Take a look and consider sharing it with friends.
This article is a wonderful reminder of the potential pitfalls inherent to human nature. Everyone loves a free gift. Everyone loves a gadget. USB is the devil. I believe that just about sums it up!
No one is immune. Even those focused on preventing compromise are susceptible to attack. This should be treated as yet another wakeup call that we need to press forward with better controls, awareness training, and data segmentation.
This is very good information, especially if you are developing new training content for your end users. Thank you to the team at KnowBe4. Please take note.
This a great infographic concerning phishing tests and who falls for what and how often. Take a look and consider these stats when pondering your next security exercise.