It’s been true for quite some time now: Phishing is among the most—if not the most—successful way to achieve a compromise.
Phishing is social engineering in the form of malicious emails. By impersonating someone users may trust, the perpetrator attempts to convince users to perform a harmful action. Common manifestations include tricking users into transferring money, revealing sensitive information, or downloading malicious files.
SecureState analyzed the phishing campaigns it conducted from 2015 through Quarter 1 2017 to find what worked, what didn't, and what's coming.
What The Research Covers:
- Baiting the Hook: How we got our data
- Casting the Line: How we phish
- Reeling It In: How users stack up
- Measuring the Phish: How industries compare
- Catch and Release: How to improve