In the last 12 months, threat actors targeted 43% of small to mid-sized businesses (SMBs) in the UK with a phishing attack in which they masqueraded as one or more employees, a new CybSafe report found. It is rather worrisome that two-thirds (66%) of targeted SMBs were actually compromised as a result of phishing campaigns of this kind.
Less than half (47%) of SMBs indicated that they are providing cybersecurity training and a cybersecurity awareness program to employees. CybSafe CEO Oz Alashe said that despite the immense popularity of phishing among cybercriminals and the effectiveness of personalized phishing attacks in particular, SMBs are doing very little to defend themselves against this growing threat. In fact, “of those that are doing something, many are simply paying lip-service to security training for compliance reasons, and aren’t demonstrably reducing their human cyber risk,” Alashe elaborated.
Read more: A look into the frequency and success of phishing attacks on SMEs