#privacy: Almost half of UK SMEs targeted by phishing attacks

A new study has revealed that 43% of UK SMEs have been targeted by impersonation phishing attacks in the past year. 

A report by Cybsafe surveyed 250 IT decision-makers at UK SMEs, questioning them about the attacks they have experienced, and what was done to protect the cybersecurity of their business. 

It was discovered that of the 43% attempted impersonation phishing attacks, 66% of organisations had suffered a successful attack, with respondents citing email phishing to be greater threat to businesses than phone phishing.

When pitted against nine other potential threats, email phishing was cited the be the second most pressing threat (37%) behind Malware. Phone phishing was believed to be the least (8.8%) urgent threat to businesses. 

Oz Alashe, CEO, CybSafe commented:

“Phishing is currently the dominant attack vector for entry into networks, and its popularity isn’t hard to understand. It’s easy to carry out, easy to profit from, and from the perspective of cybersecurity professionals, it’s notoriously difficult to defend against. Just one individual falling victim can be enough to give criminals the foothold required to access confidential information.”

Impersonation phishing attacks pose a particular threat to businesses as they can be extremely convincing, especially when a threat actor impersonates friends, family or other members of staff. 

The study also found that just 47% of IT leaders claimed to have a cybersecurity training and awareness program up and running. Thus it is clear the lack of awareness on phishing scams and cyber-threats could be a major factor in the success rate of hackers. 

Despite this, the study found that little is being done by UK businesses. Those that are doing something, are “simply paying lip-service to security training for compliance reasons, and aren’t demonstrably reducing their human cyber-risk.”


Registration now OPEN for PrivSec Global
Taking place across four days from 30 Nov to 3 Dec, PrivSec Global, will be the largest data protection, privacy and security event of 2020.

Reserve your place today and gain access to the entire event free of charge. With all sessions available to view live or on-demand, you can build a personalised agenda based on your key focus topics and make the event fit around your work schedule.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.