Some interesting numbers to start with:
Cybercriminals use social engineering in 98% of attacks.
There are seventy-five instances as many phishing web sites as malware web sites.
With 241,342 a hit incidents, phishing changed into the maximum not unusual place cybercrime in 2020 withinside the US.
A ransomware attack is a hit each eleven seconds.
In 2019, the value in keeping with compromised report changed into $one hundred fifty on average.
The US authorities allotted nearly $19 billion for cybersecurity in 2021.
Basically, it`s convincing a person to carry out a specific motion.
Cybercriminals who use social engineering trap you to percentage your private data, open infectious files, or deliver them get entry to to confined information.
Let`s test a number of the contemporary social engineering facts.
In different phrases, many personnel can`t discover social engineering threats and unknowingly open the doorways for cybercriminals to thieve money, get entry to information, and tarnish your reputation.
Although there are some (21% if we don’t forget each present day and previous personnel) who may also deliberately use social engineering hacks to get again at you.
It`s less complicated to idiot human beings as opposed to to infiltrate a stable laptop system, so it`s no marvel that approximately 70% to 90% of all information infiltration is because of phishing and social engineering assaults.
Cybercriminals can goal any character or business enterprise, aleven though facts display that healthcare institutions, authorities agencies, and universities are the desired goals for social engineering scams due to the data they store.
As of Jan 17, 2021, the quest engine powerhouse, Google recorded 2,145,013 fishing webweb sites.
What takes place is that hackers continuously feed the Dark Web with the information they thieve, which then serves as gasoline for in addition cyberattacks.
Just in 2020, hackers introduced about 22 million new facts to the Dark Web.
Although the quantity of phishing web sites is staggering, the contemporary social engineering stats display that best 3% of phishing assaults are done via a website, and 1% is through phone (both vishing or smishing).
A phishing e-mail hints people into taking motion immediately. They normally cite emergencies to get you to expose touchy data.
The maximum not unusual place phrases cybercriminals use in emails are: urgent, request, important, payment, and attention.
Social engineering emails normally impersonate a famous business enterprise to boom the probabilities of you establishing them.
Microsoft is the desired faux identification for attackers to adopt, for the reason that approximately 1.2 billion human beings use the Office package.
DHL comes withinside the 2d position, with 18% of cybercriminals the use of the logo name.
Other frequently impersonated manufacturers are PayPal, LinkedIn, Google, and Chase.
According to phishing statistics, an attacker downloads a Windows executable “usually disguised as a PDF, Excel, or Word file.” 74% chance. You can use a script file (11%) or a compressed file (4%), but the executable file is better because it runs the moment you open the program.
It’s pretty dangerous. Money doesn’t seem to be the main motivation for cybercriminals-information is. After a successful phishing attack, 60% of enterprises report data loss, 52% report credential breaches, and 29% complain of malware infections that ultimately damage the entire enterprise computer network. I am. 2022
Companies spend millions of dollars protecting themselves and their customers from data breaches, but efforts seem to be wasted unless employees are also trained.
Social engineering is a very serious problem because it takes advantage of people’s natural tendency to trust others and tempts them to reveal sensitive information.
We know that in one year, attackers sent 12 million spear phishing emails to three million mailboxes, affecting 17,000 organizations.
That means 46.5 companies receive an average of two spear phishing emails each day.
Businesses around the world spend millions on security technologies, but they don`t take the time to educate employees on social engineering and data breaches.
According to the latest statistics, about 43% of employees do not receive regular data security training, and an amazing 8% have never received it.
Social engineering statistics by age show that older employees are more familiar with the topic.
65% of employees over the age of 39 can correctly define phishing compared to just 47% between the ages of 18 and 22.
However, in the case of voice phishing, the opposite is true. While 34% of employees in the 1822 age group know what phishing is, only 20% of employees over the age of 55 know the term.
However, the most common target is neither the CEO nor the IT people.
Non-financial or managerial employees receive 80% of the threat.
PhishProne Percentage (PPP) varies by industry, but the global average PPP can be estimated to be 31.4%.
By company size, the most vulnerable sectors are small healthcare centers and pharmaceuticals (34% PPP), medium hospitality facilities (42.3% PPP), and large energy organizations (52.4% PPP). .. The cybersecurity and social engineering awareness campaign has reduced the percentage of 30L to about 5%.
According to a recent survey, 78% of participants were recently trained in social engineering threats, while 60% were willing to open suspicious emails.
According to social engineering statistics, 45% did not report the problem to IT after clicking.
COVID19 has also affected a company’s ability to combat cybersecurity threats. According to a recent survey, 56% of IT departments report increased response times to cyber attacks.
In addition, 42% of organizations say they are not ready to defend against cyberattacks targeting remote workers.
Social Engineering Message
Over the years, many companies in different industries have been unfortunate targets for data breaches. Some of the examples are 2017 Equifax violations (affecting nearly 150 million consumers), 2020 Marriott violations (affecting 5.2 million guests), and Twitter violations (2020). Affects 130 accounts).
Now let’s look at some global statistics.
According to country-specific social engineering statistics, Mongolia was the most devastated country, with 15.54% of online users hit by phishing attacks in the third quarter of 2020.
Israel came in second with 15.24%, followed by France (12.58%) and Brazil (11.86%).
SMEs find it particularly difficult to defend against these attacks, as most (73%) lack IT security measures.
The latest phishing statistics reveal that the FBI registered 50 percent increase of attack in comparison to pervious year.
For example, cybercriminals pretended to be government agents who needed your personal information to sign you up for financial support or early vaccination.
The latest social engineering stats reveal that around $17,700 is lost every minute due to phishing. That equates to $1,062,000 million per hour and $25,488,000 million per day.
This is just the money and data that the average company loses. However, there are additional related costs that the company must bear, such as: B. Recovery fees and security updates.
Now consider how common cyber attacks are (once every 39 seconds according to Internet privacy statistics). It’s no wonder experts predict that the global annual cost of cybercrime will reach the astronomical $ 10.5 trillion by 2025.