/>
X

Phishing emails are still managing to catch everyone out

While the move to cloud computing is boosting security for some parts of the business, basic mistakes are still giving hackers a foot in the door.
steve-ranger
Written by Steve Ranger, Global News Director on

Workers are still finding it too hard to spot phishing emails, with nearly three-quarters of companies seeing staff hand over passwords when tested by a security company.

Security consultancy Coalfire tested 525 businesses for their susceptibility to a range of different hacking techniques and security vulnerabilities. It found that employees at 71% of these businesses handed over access credentials when targeted with phishing attacks by Coalfire's penetration testers -- up from 63% last year.

In 20% of cases, login details were shared by more than half of employees, compared to just 10% last year.

SEE: 10 tips for new cybersecurity pros (free PDF)

Coalfire carried out 623 penetration tests across the US, Europe and the UK, aiming to simulate a range of cyberattacks to assess how well companies were able to cope with them.

Weak passwords and insecure internal procedures, such as improper file-access restrictions and a lack of staff training, along with using out-of-date software, were the three most common vulnerabilities discovered during the tests.

"A lot of businesses are taking steps to upgrade their security infrastructure, particularly as they migrate more systems into the cloud, but still aren't addressing some of the fundamentals," said Andrew Barratt, UK managing director at Coalfire.

Overall, businesses exhibited fewer high-risk vulnerabilities than they did in penetration tests last year -- probably as a result of the shift to cloud computing, which reduces the need to secure and maintain on-premise infrastructure. The penetration tests also found badly configured cloud-security settings.

"There is a misconception from many that cloud adoption automatically means accepting more risk, but this is only true if it's done poorly," said Mike Weber, vice president Coalfire Labs.

Related

This new-look Gmail is now rolling out to everyone
gmail-app-1

This new-look Gmail is now rolling out to everyone

Productivity
How to change Gmail notifications so you stop missing important emails
The Gmail Settings option in the left sidebar.

How to change Gmail notifications so you stop missing important emails

Productivity
Crypto Coach: How to stay warm during a crypto winter
cc-7-25-22-image-1.png

Crypto Coach: How to stay warm during a crypto winter

Blockchain