Social engineering attacks, which rely on human interaction and fraudulent behavior to trick people, are the fastest growing security threat for enterprises today.
While traditional attacks leverage technology-based system vulnerabilities, such as software bugs and misconfigurations, social engineering attacks take advantage of human vulnerabilities by using deception to trick targeted victims into performing harmful actions.
Examples of social engineering attacks, which are typically launched via email, include phishing, spear phishing, trojans and Business Email Compromise (BEC). According to the FBI, BEC scams have resulted in losses of $3.1 billion as of May 2016.
Agari has worked with ISMG to survey over 200 enterprises to better understand the prevalence of social engineering attacks on organizations, what financial and non-financial toll these attacks are exacting on organizations, their partners and customers and then to determine the most effective controls for defending against these targeted strikes.
Markus Jakobsson, Chief Scientist at Agari, has released a new book on social engineering schemes. In Understanding Social Engineering Based Scams, Markus profiles today’s most common schemes, forecasts some future trends, and provides guidance to help organizations build effective countermeasures.
Agari Enterprise Protect is the only solution that verifies trusted email identities based on insight into 10 billion emails per day to stop advanced email threats that use social engineering, such as spear phishing and business email compromise.
Social engineering scams, one of the oldest tricks in the financial fraud book, still threaten financial institutions and other businesses through malware, ransomware and email attacks, per San Mateo, Calif.-based Agari.
For the most part, we’re no longer falling for badly worded emails from “Grandma” asking us to wire her $10,000 immediately for back surgery. So what are we falling for?
Phishing attacks aren’t going away. They’re just evolving into more targeted, more complex threats.