If you don't think you need cyber protection or don't believe someone would want to hack into your system, you may already be in trouble. It’s tempting to think that if your organization is small or not well known, or if you’re not in one of the most frequently attacked industries, you may not have much to worry about. Unfortunately, that is dangerous thinking. Companies of all sizes and in all industries are at risk. In fact, small businesses account for 58%* of data breaches.
Different types of cyber attacks:
- Security event: an event on a system or network detected by a security device or application.
- Security attack: a security event identified by correlation and analytic tools as malicious, activity attempting to collect, disrupt, deny, degrade or destroy information system resources or the information itself.
- Security incident: an attack or security event reviewed by an analyst and deemed worthy of further investigation.
Attackers see email as a direct line to the most vulnerable part of any network - end users. Why go through all the trouble of utilizing sophisticated exploits and bypasses when you can count on users being human and having a tendency to make hasty clicks?
Malicious emails have come along way from the easily recognizable spam messages of old, but it's often the simplest messages and disguises that are the most effective.
In the vast majority of cases (92.2%)*, malicious emails rely on tricking users into opening attachments. The most popular attachment type by far are office files, which typically aren't blocked by email filters. According to the ISTR, 48% of malicious email attachments are office files, up from just 5% in 2017.*