Phishing Insights 2021

While phishing has been around for a quarter of a century, it remains an effective cyberattack technique primarily because it continues to evolve. Adversaries are quick to identify new phishing opportunities – of which the pandemic provided many – and develop new tactics and techniques.

For organizations, phishing is often the first step in a complex, multi-stage attack. Adversaries frequently use phishing to trick users into installing malware or sharing credentials that provide access to their victim’s network. A seemingly innocuous email can ultimately lead to ransomware, cryptojacking, or data theft.

This report provides the latest insights into phishing based on an independent survey of 5,400 IT professionals at the IT frontline around the globe, along with a case study of a real-world phishing attack that led to a multi-million-dollar ransomware incident.

According to the Verizon 2021 Data Breach Investigation Report, 36% of confirmed data breaches involve phishing (up from 25% in 2019). Use these survey findings to evaluate your own phishing security posture and identify opportunities to extend your defenses.

1. Phishing means different things to different people

What is phishing? Our survey reveals that even among IT Which of the below options do you consider to be a phishing attack? professionals there is wide variation in what people consider to be a phishing attack. The most common understanding is emails that falsely claim to be from a legitimate organization, usually combined with a threat or request for information. While this was the most popular answer, fewer than six in 10 (57%) respondents selected this option, illustrating the breadth of meanings understood by phishing.

46% of respondents consider Business Email Compromise (BEC) attacks to be phishing, while over a third (36%) understand phishing to include threadjacking i.e. when attackers insert themselves into a legitimate email thread as part of an attack.