Phishing warning: If you work in this one industry you're more likely to be a target

Cyber crooks looking to steal secrets are focusing their attacks on one sector.
Written by Danny Palmer, Senior Writer

Hackers are launching cyber attacks against companies in the pharmaceutical sector more than any other, and campaigns against firms who make drugs have more than doubled in the last year.

The figures come from researchers at security company Proofpoint who have analysed attacks against Fortune Global 500 companies and found that over the course of the last quarter, pharmaceuticals companies were the most targeted, with an average of 71 email fraud attacks per company.

It represents a 149 percent jump in the number of fraudulent business email compromise and phishing attacks against the sector in the same period last year.

Drug companies are a tempting target for cyber criminals because of the intellectual property they hold on new compounds and medicines. If an attacker can get their hands on information about promising research this could be very a very lucrative offering on the black market.

But organisations in all sectors are under attack from email fraudsters, with a large increase in attempted attacks detected across all sectors - up 80-percent compared with the same quarter in 2017 according to the security company.

In many cases attackers are attempting to trick selected employees into letting down their guard and allowing them into the network.

SEE: What is phishing? Everything you need to know to protect yourself from scam emails and more

It's also common for attackers to spoof the email addresses of contacts or high profile individuals in the company in an effort to trick users into giving up data - or transferring large amounts of money. It may sound like a simple form of attack, but the reason the numbers have risen by such a significant amount is because they're proving to be successful. Many of the most high profile and costly attacks in recent years have started with a humble phishing email.

Behind pharmaceuticals, construction firms were the second most attacked during the previous quarter, averaging 61 attacks each. Real estate came third, with those in the sector targeted by an average of 54 attacks during the quarter.

Over the course of the whole year, drug companies are the top target again, with companies in the sector reporting an average of 282 attacks. Real estate is just behind with 277 attacks per company.

Proofpoint suggest a number of ways that organisations can help to protect themselves from attacks, such as training users to spot and report malicious emails and having a back up plan in place in the event of a user falling victim to an attack.


Editorial standards