July 18, 2012
Spear Phishing Statistics: 2012 Findings from Microsoft TechEd, RSA Security Conference Surveys
Today, Proofpoint published the findings from a recent survey of more than 330 IT professionals, aimed at learning the extent and impact of targeted phishing attacks (a.k.a., "spear phishing").
With so many phishing-sourced data breaches making the news in the past couple of years, it will probably come as no surprise that we found that targeted phishing attacks are just as—if not more—prevalent than ever.
Additionally, the survey found a strong connection between spear phishing attacks and the compromise of user login credentials (i.e., usernames and passwords) and unauthorized access to corporate IT systems.
Survey responses were gathered at Proofpoint's booth at last month's Microsoft TechEd conference. We've summarized the findings in a short PDF format report (which also summarizes findings from a similar survey we conducted at the RSA Security Conference earlier in the year).
In brief, the Proofpoint TechEd survey found that:
1. Spear Phishing Continues to be a Serious Threat
Half of all respondents (51%) believe that, in the past year, their organization was targeted by a phishing email designed specifically to compromise their own users. Another 31% do not believe they were the target of such an attack and 18% reported they did not know.
2. Larger Organizations are Even More Likely to be Targeted by Phishing Attacks
Among organizations with 1,000 or more email users (214 survey respondents), more than half (56%) believe their organizations were targeted by a spear phishing attack. Of this group, 27% do not believe they were the target of a spear phishing attack and 17% reported they did not know. Comparatively, organizations with fewer than 1,000 email users (125 survey respondents) reported fewer spear phishing attacks—42% believe they had been targeted, 39% did not and 19% did not know.
3. Spear Phishing Attacks are Often the Root Cause of Security Breaches
More than one third (34%) of respondents who reported experiencing a spear phishing attack in the past year (17% of all respondents) believe that such an attack resulted in the compromise of user login credentials (e.g., usernames/passwords) or unauthorized access to corporate IT systems.
We've been regularly surveying IT professionals about the threat from targeted attacks over the years and occurances of spear phishing have clearly risen over time. For example, in a survey conducted at the RSA Conference in 2010, 48% of respondents told us that they believed their organizations had been targeted... But that number rose to 58% in our 2012 RSA Survey (again, see the PDF for details).
The trend toward hard-to-detect, highly targeted phishing attacks aimed at compromising valuable corporate data is why Proofpoint has spent a great deal of research and development effort in the past year perfecting new approaches to detecting and stopping advanced targeted attacks.