Two-Thirds of Orgs Expect Increase in #COVID19 Phishing Attacks Next Year

Nearly two-thirds (64%) of business decision makers expect their company to face a rise in COVID-19 themed phishing attacks in 2021, according to a new study from Centrify.

In a survey of 200 business decision makers across large and medium-sized UK enterprises, over half (52%) also said they anticipated a growth in cyber-attacks targeting their organizations as a result of the most recent national lockdown in the UK, which ended on December 2.

Despite these fears, over a third (37%) are not planning to train new employees on data management policies and cybersecurity risks linked to the COVID-19 crisis. Additionally, 37% admitted they do not have sufficient access management systems in place to verify employee identities and credentials when they are accessing company data.

Security professionals have observed a huge rise in phishing attacks this year, with pandemic-related subjects providing especially strong lures. Research from Barracuda showed that phishing emails spiked by 667% in under a month when the pandemic struck, while last month it was reported that the HMRC detected a 73% rise in email phishing attacks from March to September in the UK.

Howard Greenfield, chief revenue officer at Centrify, commented: “COVID-themed email, SMS and web-based phishing attacks have not been uncommon over the last year, and so far we’ve seen cyber-attack campaigns using the guise of charity, government financial aid initiatives and business support schemes to lure thousands of victims into leaking sensitive information, such as log-in credentials and payment details.

“In fact, these phishing campaigns have been so sophisticated and widespread in 2020 that business leaders can only reasonably assume that a colleague or employee has already fallen victim to one – especially if they have been working remotely this year for the first time in their career.”