WEBSITE SECURITY THREAT REPORT

© 2015 Symantec, Inc. All rights reserved. Symantec, the Symantec logo, and other trademarks, service marks, and designs are registered trademarks of Symantec, Inc. in the United States and/or other countries.

SPEAR-PHISHING SCAMMERS SHARPENTHEIR ATTACKS WITH CLEVER NEW TACTICS Attackers win your confidence with personalized, targeted emails

Get the whole threat picture and learn more about how to protect yourself inSymantec’s new Website Security Threat Report

Expect to be attacked. It’s not if, but when.

Use strong, cloud-based filtering to identify and eliminate spear-phishing attacks

91% OF CYBERATTACKS START WITH A SPEAR-PHISHING EMAIL

RISK RATIO OF SPEAR-PHISHING ATTACKS BY JOB ROLE

SPEAR-PHISHERS TARGET EMPLOYEES WHO MAY BE UNAWARE OF WHAT A SUSPICIOUS EMAIL LOOKS LIKE

THAT’S THE MEDIAN

TIME-TO-FIRST-CLICK WHEN A SPEAR-PHISHING EMAIL LANDS IN AN INBOX ON A COMPANY NETWORK.*

*VERIZON BREACH INVESTIGATIONS REPORT 2015

YOU NOW HAVE 80 SECONDS TO PROTECT YOUR COMPANY!

27%26%

MA

NA

GE

R

19%

13%

11%

IND

IVID

UA

L C

ON

TRIB

UTO

R

25%

INTE

RN

DIR

EC

TOR

SU

PP

OR

T

OTH

ER

Attackers prowl for weaknesses in an internal network’s hostnames, IP addresses, and internal path names

80 sec

84% of spear phishing attacks target large enterprises* but attacks on medium-sized and small businesses are rising

THE MOST COMMONLY USED SPEAR PHISHING WORDS

Targeted attack campaigns rose by 8%

Custom malware with crafted email messages evade security

Many have malicious file attachments and many more

include infected links in emails.

Source : Symantec | .cloud.SRL

35%

27%

30%

23%

19%

16%

14%

11%

1 IN 2.9

Individuals in Sales and Marketing job roles were the most targeted in 2014, with 1 in 2.9 of them being targeted at least once; this is equivalent to 35 percent of Sales and Marketing personnel.

KEEP YOUR GUARD UP. DON’T MAKE IT EASY FOR CRIMINALS

23% of employees open phishing messages—11% actually click on malicious attachments!

Implement Always-On SSL

Educate your employees on what a spear phishing email looks like

Change your passwords often

SALES/MARKETING

SA

LES

/MA

RK

ETI

NG

1 IN 3.8OPERATIONS

OP

ER

ATI

ON

S

FIN

AN

CE

R&

D

IT EN

GIN

EE

RIN

G

HR

& R

EC

RU

ITM

EN

T

OTH

ER

1 IN 3.3FINANCE

1 IN 4.4R&D

1 IN 5.4IT

1 IN 7.2HR & RECRUITMENT

1 IN 9.3OTHER

1 IN 6.4ENGINEERING

2014 RISK RATIO 2014 RISK RATIO AS %

RISK RATIO OF SPEAR-PHISHING ATTACKS BY JOB LEVEL

Source : Symantec | .cloud.SRL

Managers were the most frequently targeted level of seniority in 2014, with 1 in 3.8 of them being targeted at least once; this is equivalent to 26 percent of individ-uals at managerial level.

1 IN 3.7

INDIVIDUALCONTRIBUTOR 1 IN 3.9

INTERN

2014 RISK RATIO 2014 RISK RATIO AS %

1 IN 5.4DIRECTOR

1 IN 7.6SUPPORT

1 IN 9.3OTHER

* 2500+ EMPLOYEES

1 IN 3.8MANAGER