Boileau Business Technology Blog

State of the Phish Report 2022: The war against scammers continues

07/03/2022 12:45:10 PM / by Boileau Team



No, you weren’t imagining it – 2021 really was a cybersecurity nightmare for many Australian businesses. Proofpoint’s 2022 State of the Phish report has just been released and boy is it a shocker.

It examined responses from 600 information and IT security professionals and 3,500 workers in Australia, the US, France, Germany, Japan, Spain, and the UK.

The report put facts and figures behind what many business owners already suspected – cyber-attacks increased in 2021 with 78 percent of businesses experiencing email-based ransomware attacks and 77 percent facing business email compromise (BEC) attacks. That’s an 18 percent increase from 2020!

Attacks in 2021 also had a much wider impact than in 2020, with 83 percent of surveyed businesses revealing they experienced at least one successful email-based phishing attack, compared to 57 percent in 2020. Additionally, more than two-thirds of businesses said they dealt with at least one ransomware infection originating from a direct email payload (for example, impersonating an executive or vendor compromise/conversation hacking), second-stage malware delivery, or other attacks. The year-over-year increase remains steady but shows the challenges businesses faced as ransomware attacks surged in 2021.


How to avoid becoming a statistic


Training, training, training!

While cybercriminals still target technical vulnerabilities within your systems, it’s clear that they are now more focused than ever on compromising your employees.

So, with the rise of hybrid work and work-from-home arrangements, it’s important to prioritise regular cyber security training and create a culture of security within your business.

For example, provide training on basic Wi-Fi network security: 97 percent of surveyed employees said they have a home Wi-Fi network, but only 60 percent said their network is password-protected. This creates a considerable risk for your business and bottom line.


Choose a bank with strict security controls

As many scams happen via online transactions, it’s a good idea to collaborate with your bank to implement more security controls for online banking, for example:

  • Fraud detection and monitoring systems
  • Out-of-band verification for transactions
  • Account activity controls, such as transaction value thresholds, number of transactions per day, etc.

Out-of-band authentication is a popular solution, and it means that a transaction that is initiated via one delivery channel, like the internet, must be re-authenticated or verified by an independent delivery channel, like a phone call, for the transaction to be completed.
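To make the controls above concrete, here is a small payment gate that applies a value threshold and a daily transaction limit, then holds each payment until it is confirmed on a different channel from the one that initiated it. This is an added example, not code from the report or from any bank; the class name, limits and channel labels are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field

# Constructed policy values for illustration; real limits are agreed with the bank.
MAX_VALUE = 10_000   # per-transaction value threshold
MAX_PER_DAY = 3      # number of transactions allowed per day


@dataclass
class PaymentGate:  # hypothetical name, for illustration only
    sent_today: int = 0
    pending: dict = field(default_factory=dict)  # txn_id -> (channel, code hash, details)

    def initiate(self, txn_id, amount, payee, channel):
        """Apply account activity controls, then hold the payment for verification."""
        if amount > MAX_VALUE:
            return "rejected: over value threshold", None
        if self.sent_today + len(self.pending) >= MAX_PER_DAY:
            return "rejected: daily transaction limit", None
        # One-time code; in practice it is delivered over the second channel
        # (for example a phone call) and never shown on the initiating one.
        code = f"{secrets.randbelow(10**6):06d}"
        digest = hashlib.sha256(code.encode()).hexdigest()
        self.pending[txn_id] = (channel, digest, (amount, payee))
        return "held: awaiting out-of-band verification", code

    def verify(self, txn_id, code, channel):
        """Release the payment only if confirmed on an independent channel."""
        if txn_id not in self.pending:
            return "rejected: unknown transaction"
        origin, digest, _ = self.pending[txn_id]
        if channel == origin:
            return "rejected: same channel as initiation"
        supplied = hashlib.sha256(code.encode()).hexdigest()
        del self.pending[txn_id]  # single attempt: a failed check voids the hold
        if not hmac.compare_digest(supplied, digest):
            return "rejected: wrong code"
        self.sent_today += 1
        return "released"
```

A confirmation that arrives on the initiating channel is refused even when the code is correct, which is the property that stops someone who controls only the email or web session from completing the payment.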

In conclusion, cybercriminals aren’t going anywhere and in fact, they are getting smarter. As a business owner, it’s important to stay up to date with technology and training that protects your business and your staff.

If you’re not sure where you stand in terms of cyber security, get in touch with us on 08 8354 6700 or email us to get started.


*Sources – Proofpoint – 2022 State of the Phish report
