2024年网络钓鱼报告-29正式版.docx

2024StateofthePhishINTRODUCTIONImagineasuccessfu1.cyberattackagainstyourorganization.Whatdoesit1.ook1.ike?Maybeitinvo1.vesafiendish1.ydeverpieceofsocia1.engineering-aconvincing1.urethatcatchestherecipientoffguard.Ormaybeitwou1.dtakeasmarttechnica1.exp1.oittogetpastyourdefenses.Butinrea1.ity,threatactorsdon'ta1.wayshavetotrythathard.Often,theeasiestwaytobracsecurityistoexp1.oitthehumanfactor.Peop1.eareakeypartofanygooddefense,buttheycana1.sobethemostvu1.nerab1.e.Theymaymakemistakes,fa1.1.forscamsorsimp1.yignoresecuritybestpractices.Accordingtothisyar,sStateofthePhishsurvey.71%ofworkingadu1.tsadmittedtotakingariskyaction,suchasreusingorsharingapassword,c1.ickingon1.inksfromunknownsenders,orgivingcredentia1.stoanuntrustworthysource.And96%ofthemdidsoknowingthattheyweretakingarisk.Whenob1.igedtochoosebetweennveneceandsecurity,userspicktheformera1.mosteverytime.So.whatcanorganizationsdotochangethis?Inthisreportwe1.1.takeac1.oser1.ookathowattitudestowardssecuritymanifestinrea1.-wor1.dbehavior,andhowthreatactorsarefindingnewwaystotakeadvantageofourpreferenceforspeedandexpedience.W'ia1.soexaminetheCUrrentstateofsecurityawarenessinitiatives,aswe1.1.asbenchmarkingtheresi1.ienceofpeop1.eandorganizationsagainstattack.Thefoundationofthisreportisasurveyof7.500©ndusersand1.050securityprofessiona1.s,conductedacross15countriesIta1.soinc1.udesProofpointdataderivedfromourproductsandthreatresearch,aswe1.1.asfindingsfrom183mi1.1.ionsimu1.atedphishingmessagessentbyourcustomersovera12nothperiodandmorethan24mi1.1.ionemadsreportedbyourcustomers'endusersoverthesameperiod.TAB1.EOFCONTENTS4KeyFindings6SecurityBehaviors6andAttitudesEnd-userbehaviorandattitudesIOSecurityAwarenessTrends1012CurrentstateofsecurityawarenessAreasforimprovement20Organizationa1.Benchmarks21Industryfai1.urerate27Conc1.usion14 TheThreat1.andscape14Threatpreva1.ence15 Growingthreats:TOAD,MFA-Bypass,QRcodesandgenerativeA1.16161718BECattacksbenefitfromA1.Microsoftremainsmost-abusedbrandRansomwaresti1.1.amajorconcernAttackconsequencesKEYFINDINGS回回回囿回回回回回回回国回回西回国回回囱囿囱回直回回回回回国回回回回回回直回回囿凰回回凰囿回回囱回回回回囿囱回回四回回回圜回回凰回回回四回囿回回回凰回回回囿回囱IoI1.1.im1.69%knowtheyareresponsib1.eforsecurity,but10miTOADmessagesarese11v-1/everymonth.C58%ofuserseitherweren'tsureorc1.aimedthatthey'renotresponsib1.eata1.1.Microsoftcontinuestobethemostabusedbrand,with68mi1.1.ionma1.iciousmessagesassociatedWiththebrandoritsproducts.)i>1.bt(<>(>rtS三>>(G¾>(r>!f>cfz(ofuserswhotookriskyactionsengagedinbehaviorthatwou1.dhavemadethemvu1.nerab1.etocommonsocia1.engineeringtactics.SecurityBehaviorsandAttitudesEventhebesttechnica1.defensescanbeunderminedifusersdon'tdothebasics,suchasavoidingsuspicious1.inks,verifyingthesender'sidentityandsettingastrongpasswordandkeepingittothemse1.ves.However,manyusersfai1.tofo1.1.owthesesimp1.eru1.es,puttingthemse1.vesandtheirorganizationsatrisk.End-userbehaviorandattitudesAccordingtooursurvey,71%ofuserssaidtheytkariskyactionanda1.mosta1.1.ofthem96%-didsoknowing1.y.Amongthatgroup.73%saidthey'dtakentwoormoreriskyactionsAndmorethanathrdoftheriskstheytookwereratedbythoseusersasa1.her*extreme1.yrisky"orVeryrisky.”QQO/workd<n>coforpersona1.乙D/O8ctvoes26%ReuseorsharepasswordQGO/COnneC1.withoutusingVPNat乙。/03pttcp1.aceQAO/R-poMk>amsa¢(emai1.ofSMS4一/0text)fromsomeoneIdon'tknow20%AccessinsppfpdatewebiAQ0/C1.ick<x1.inksorderw川OXAtuchmoncsID/OfromsomeoneIdon'tknowdOO/Sharewod<devtcewithfne11dsIO/OorramityAQO/Ca1.1.anunfamitarphnenumberinI。/Oanurgentemai1.AO/Tt11g:a1.1.wotherstoenterII/OtheofficewithoutbudgingindO/Upk>adsensitivedatatounprovenIU/Othird-partyc1.oudQQ/Givecredentia1.stountrustworthyP1.osource29%Havenevertakenariskyaction30%25%20%15%10%5%0%Userstookriskyactionsforavarietyofreasons：convenience,timesavingandurgencybeingthemostcommonanswers.Butasma1.1.cohortof2.5%tkriskyactionspure1.youtofcuriosity.Eithervay.themessageisdear:peop1.earen'ttakingriskyactionsbecausethey1.acksecurityawarenessOften,usersknowwhattheyar©doingWhentheytakerisksandarequitewi1.1.ingtogamb1.ewithorganizationa1.security.WhyRiskyActionisTakenTosavetimeTosavemoneyTomeetotherperformanceobjectives5%Other,p1.easespecifyNobodyknowsthisbetterthanthewor1.d'scybercrimina1.s.Theyunderstandthatpeop1.ecanbeexp1.oited,eitherthroughneg1.igence,ob1.iviousnessor-inrareinstances-ma1.ice.Socia1.engineeringISapartofa1.mosteveryemai1.threatana1.yzedbyourresearchers.And58%ofuserswhotkariskyactionsaidtheyengagedinbehaviorthatwou1.dputthematriskofbasicsocia1.engineeringtactics,suchasc1.ickingonunknownkks.respondingtounfami1.iarsendersandsharingcredentia1.swithuntrustworthysources.Theseactionscan1.eadtoransomwareinfection,ma1.ware,databreachorfinancia1.1.oss.OneOfthereasonsuserstaketheserisksi