Cloudmark Puts Spear-Phishing in Its Cross Hairs
A new study finds that even though most organizations have some form of email security technology, many consider spear-phishing a significant threat.Among the most impactful attacks on the Internet today is spear-phishing, in which an attacker takes targeted aim an individual or an organization in an attempt to steal information. The targeted nature of spear-phishing makes it more challenging to defend against traditional spam, and is driving email security vendor Cloudmark to develop a new purpose-built technology called Trident to protect users. As part of its efforts to fully understand the spear-phishing challenges that enterprises face, Cloudmark commissioned a survey, which examines current attitudes and experiences about spear-phishing. The poll of 300 IT decision-makers, conducted by independent research firm Vanson Bourne, found that 73 percent reported that spear-phishing currently poses a significant threat to their organizations. While organizations are worried about spear-phishing, 71 percent indicated that they already have some form of email security technology in place. "Even while many organizations have implemented technology solutions, they're still seeing attacks getting through," Angela Knox, senior director of engineering and threat research at Cloudmark, told eWEEK. What's more, 32 percent of respondents admitted that their organizations suffer a financial loss as a result of an attack. Additionally, 15 percent of respondents indicated their organizations suffered a decrease in stock price after a spear-phishing incident.
"It's a very hard problem to solve, and many solutions out there today solve a big chunk of the phishing problem but not all of it," Knox said. "Spear-phishing is very low volume and highly targeted."