The Week in Breach: Featured – 2021 Phishing Danger Meets Its Match in the Newly Revamped BullPhish ID
No doubt, 2020 was a record year for phishing – phishing risks skyrocketed by more than 600%, and COVID-19 was named Google’s biggest phishing topic in history, making phishing the favorite tool of cybercriminals. Phishing has damaged businesses of every size, from mom-and-pop shops to corporate giants.
As 2021 gets started, this is the perfect time to talk about phishing dangers, especially spear phishing threats, because these facts about spear phishing in 2020 really speak for themselves.
- More than 90% of data breaches start with a phishing attack
- Small businesses receive 94% of their attack threats via email
- An estimated 80% of firms saw an increase in cyberattacks in 2020
- Spear phishing has grown by more than 660% since the start of 2020
- Over 80% of all 2020 business cyberattacks were phishing attacks
Tabulations of data from BullPhish ID’s 2020 activity show some interesting conclusions. One striking thing was that users across the board were most likely to enter their credentials in response to lures that were disguised as routine security messages (like suspicious activity inquiries) or COVID-19 information.
Here are the top 3 phishing simulation emails that enticed end users to submit their credentials or other sensitive data in 2020:
- Fraud Warning: Suspicious Login Detected. – 1827
- An unusual Google Chrome sign in detected – 1594
- COVID-19 Mandatory Seminar – 846
The total number of credentials submitted by users in training in 2020: 14,103
Total number of credentials submitted by industry in 2020: 14,103
- Energy & Transportation – 197 submitted
- Service Provider – 772 submitted
- Manufacturing – 848 submitted
- Education & Research – 1586 submitted
- State/Local Government – 221 submitted
- Finance & Insurance – 458 submitted
- Business & Professional services – 660 submitted
- Wireless Industry – 10 submitted
- Construction & Engineering – 1503 submitted
- Aerospace & Defense – 165 submitted
- Systems Integrator – 81 submitted
- Federal Government – 64 submitted
- Legal – 386 submitted
- Medical & Healthcare – 2762 submitted
- High-Tech & IT – 1779 submitted
- Non-Profit Organization – 1056 submitted
- Retail & eCommerce – 336 submitted
- Pharmaceutical – 29 submitted
- Other – 1190 submitted
As this data demonstrates, phishing danger is around every corner for every business in every industry. You need help fighting back against this rising tide of risk – and BullPhish ID is the perfect solution for your business.
Contact our team and let’s talk about how we can help you secure your business against today’s biggest threat with the amazing new features that are now available from BullPhish ID.
The Week in Breach News – United States
United States – Parler
Parler: Social Media Application
Risk to Business: 1.619 = Severe
Now-defunct social media site Parler had a wild ride to the finish, including a hacking incident. Hackers were able to exploit weaknesses in the site's engineering and security to gain access to membership-restricted content, scraping at least 70 TB of data. The data scrape also includes deleted posts, meaning that Parler stored user data after users deleted it. The hackers also obtained URLs for over a million videos, some deleted and private.
Individual Risk: 1.221 = Extreme
Data was taken from Parler’s “Verified Citizens,” users of the network who verified their identity by uploading photographs of government-issued IDs, such as a driver’s license. The scrape includes user profile data, user information, and which users had administration rights for specific groups within the social network. Data like this could be used to mount spear phishing attacks, or as blackmail material, as it contains details that could connect users to criminal acts or membership in extremist groups.
Customers Impacted: 10 million
How it Could Affect Your Business: Data like this often makes its way to the Dark Web, enabling it to be used to power cybercrime like phishing and credential compromise.
IntegraMSP to the Rescue: Watch for threats from the Dark Web without lifting a finger using Dark Web ID, 24/7/365 credential monitoring that alerts you to trouble fast.
United States – Taylor Made Diagnostics
Taylor Made Diagnostics: Occupational Healthcare Provider
Risk to Business: 2.612 = Moderate
A Conti ransomware attack at this Virginia-based healthcare provider led to some unpleasant consequences for employees of the Norfolk Southern Railroad and UPS after 3K patient records were snatched. The stolen data included health records for employees from both firms, in addition to multiple smaller trucking companies, U.S. government agencies and defense contractors from as recently as December 2020.
Individual Risk: 2.722 = Moderate
The leaked data included completed U.S. Department of Transportation (DOT)-mandated medical exams, as well as drug and alcohol testing reports for truckers and rail workers at multiple companies. Many documents contained detailed personal information such as full names, addresses, social security numbers and scans of driver’s licenses. This information could be used for identity theft and spear phishing attacks.
Customers Impacted: Unknown
How it Could Affect Your Business: Ransomware is almost always the result of a successful phishing attack. It’s an expensive nightmare for any business, especially one in the healthcare sector.
IntegraMSP to the Rescue: Learn how to protect businesses from ransomware without breaking the bank.
United States – Ubiquiti Networks
Ubiquiti Networks: Communications Technology Firm
Risk to Business: 1.979 = Severe
Ubiquiti Networks announced that an intruder made its way into that company’s servers. The hacker was able to access stored data on UI.com users, such as names, email addresses, and salted and hashed passwords. It is currently unclear how many users have been affected. The company says there is no indication that there has been unauthorized activity with respect to any user’s account, and the incident is still under investigation.
Individual Risk: No personal or consumer data was reported as impacted in this incident.
Customers Impacted: Unknown
How it Could Affect Your Business: Hacking can come from many directions, but one common source is credential compromise. By adding strong access point protection, companies can add extra security against hackers like this.
IntegraMSP to the Rescue: Protect every door that hackers could use to slip into your systems and steal your data with secure identity and access management tools like single sign-on and multifactor authentication for less with Passly.
United States – South Country Health Alliance
South Country Health Alliance: Health Plan Provider
Risk to Business: 1.812 = Severe
South Country Health Alliance, a county-owned health plan based in Owatonna, MN, experienced a data breach after a successful phishing attack let cybercriminals access the protected health data and personal information of more than 60K members. The incident has been under investigation since the attack was first confirmed in September 2020, and the filing made with HIPAA regulators noted that affected patients were informed starting 12/30/20.
Individual Risk: 2.006 = Severe
The exposed information included names, Social Security numbers, addresses, Medicare and Medicaid numbers, health insurance information, diagnostic or treatment information, death dates, provider names and information about treatment costs. The health plan is offering complimentary credit monitoring and identity protection service to impacted members.
Customers Impacted: 66,874
How it Could Affect Your Business: Phishing attacks on healthcare targets have been increasing, as the demand for healthcare information and an overstressed healthcare system create fresh opportunities for cybercriminals.
IntegraMSP to the Rescue: Don’t be surprised by the tricks that cybercriminals are using these days to trick employees. Get the skinny on today’s common lures.
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.