Proofpoint, a prominent cybersecurity and compliance firm, has unveiled its tenth annual State of the Phish report, shedding light on concerning employee behaviors that jeopardize organizational security. Despite a slight decrease in successful phishing attacks, the consequences have escalated dramatically, with a staggering increase in financial penalties and reputational damage.
What you should know
- More than two-thirds of employees knowingly engage in risky actions, posing significant threats to their organizations, including ransomware, malware infections, data breaches, and financial loss.
- The report challenges the notion that lack of cybersecurity knowledge solely drives risky behavior, emphasizing the role of convenience and user experience preferences.
- Despite security awareness training efforts, there remains a disconnect between IT teams and employees regarding responsibility and effective strategies for behavior change.
- Multifactor authentication (MFA) continues to be misperceived as providing complete protection, leaving businesses vulnerable to attacks exploiting MFA bypass frameworks.
- Cybercriminals leverage generative AI to enhance email fraud attempts, particularly in business email compromise (BEC) attacks, resulting in personalized and convincing phishing emails across multiple languages.
- Ransomware infections persist as a lucrative form of attack, with a significant percentage of organizations opting to pay attackers to regain access to their data.
- Telephone-oriented attack delivery (TOAD) emerges as a flourishing threat, exploiting unsuspecting employees through fraudulent call centers.

Proofpoint’s report highlights the critical need for organizations to address not only cybersecurity knowledge gaps but also the underlying motivations driving risky employee behaviors. With the escalating sophistication of phishing attacks and the prevalence of emerging threats like TOAD and AI-powered fraud, organizations must prioritize comprehensive security training and robust defenses to safeguard against evolving cyber risks.


