Back
Cyber Security Training & Software for Companies | MetaCompliance

Products

Discover our suite of personalised Security Awareness Training solutions, designed to empower and educate your team against modern cyber threats. From policy management to phishing simulations, our platform equips your workforce with the knowledge and skills needed to safeguard your organisation.

Cyber Security eLearning

Cyber Security eLearning to Explore our Award-Winning eLearning Library, Tailored for Every Department

Security Awareness Automation

Schedule Your Annual Awareness Campaign In A Few Clicks

Phishing Simulation

Stop Phishing Attacks In Their Tracks With Award-Winning Phishing Software

Policy Management

Centralise Your Policies In One Place And Effortlessly Manage Policy Lifecycles

Privacy Management

Control, Monitor, and Manage Compliance with Ease

Incident Management

Take Control Of Internal Incidents And Remediate What Matters

Back
Industry

Industries

Explore the versatility of our solutions across diverse industries. From the dynamic tech sector to healthcare, delve into how our solutions are making waves across multiple sectors. 


Financial Services

Creating A First Line Of Defence For Financial Service Organisations

Governments

A Go-To Security Awareness Solution For Governments

Enterprises

A Security Awareness Training Solution For Large Enterprises

Remote Workers

Embed A Culture Of Security Awareness - Even At Home

Education Sector

Engaging Security Awareness Training For The Education Sector

Healthcare Workers

See Our Tailored Security Awareness For Healthcare Workers

Tech Industry

Transforming Security Awareness Training In The Tech Industry

NIS2 Compliance

Support Your Nis2 Compliance Requirements With Cyber Security Awareness Initiatives

Back
Resources

Resources

From posters and policies to ultimate guides and case studies, our free awareness assets can be used to help improve cyber security awareness within your organisation.

Cyber Security Awareness For Dummies

An Indispensable Resource For Creating A Culture Of Cyber Awareness

Dummies Guide To Cyber Security Elearning

The Ultimate Guide To Implementing Effective Cyber Security Elearning

Ultimate Guide To Phishing

Educate Employees About How To Detect And Prevent Phishing Attacks

Free Awareness Posters

Download These Complimentary Posters To Enhance Employee Vigilance

Anti Phishing Policy

Create A Security-Conscious Culture And Promote Awareness Of Cyber Security Threats

Case Studies

Hear How We’re Helping Our Customers Drive Positive Behaviour In Their Organisations

A-Z Cyber Security Terminology

A Glossary Of Must-Know Cyber Security Terms

Cyber Security Behavioural Maturity Model

Audit Your Awareness Training And Benchmark Your Organisation Against Best Practice

Free Stuff

Download Our Free Awareness Assets To Improve Cyber Security Awareness In Your Organisation

Back
MetaCompliance | Cyber Security Training & Software for Employees

About

With 18+ years of experience in the Cyber Security and Compliance market, MetaCompliance provides an innovative solution for staff information security awareness and incident management automation. The MetaCompliance platform was created to meet customer needs for a single, comprehensive solution to manage the people risks surrounding Cyber Security, Data Protection and Compliance.

Why Choose Us

Learn Why Metacompliance Is The Trusted Partner For Security Awareness Training

Leadership Team

Meet the MetaCompliance Leadership Team

Careers

Join Us and Make Cybersecurity Personal

Employee Engagement Specialists

We Make It Easier To Engage Employees And Create a Culture of Cyber Awareness

MetaBlog

Stay informed about cyber awareness training topics and mitigate risk in your organisation.

More than 90 Percent of All Phishing Attacks Targeted Just Five Industries in 2016, Finds Report

shutterstock_534628657

about the author

Share this post

A new report reveals that more than 90 percent of all phishing attacks documented in 2016 targeted just five industries.

Per PhishLabs’ 2017 Phishing Trends & Intelligence Report, organizations offering financial, cloud storage/file hosting, webmail, payment, and ecommerce services encountered 91 percent of all phishing attacks in 2016. Those industries each saw the total number of phishing campaigns targeting them increase by an average of one-third. The number of attacks for all industries also grew in 2016.

But there’s change afoot. Financial institutions used to account for a third of phishing attacks back in 2013. It’s now dropped to less than a quarter. Other institutions have picked up the slack, most notably cloud storage/file hosting at 22.6 percent in 2016.

More than 90 Percent of All Phishing Attacks Targeted Just Five Industries in 2016, Finds Report

PhishLabs says something big is causing phishers to migrate away from financial organizations to cloud-based services. As it explains in its report:

“The shift is driven by a major vulnerability in how many web services, including nearly all of the cloud storage services and SaaS companies that have seen a substantial increase in phishing attacks, allow their users to authenticate into their accounts. Instead of requiring users have a unique username and password, they allow users to log in using their email address in conjunction with a ‘unique’ password. The problem with this method is that many, perhaps a majority, of their users simply reuse their email password instead of creating a new one.”

Password reuse is an attacker’s best friend. If they obtain a user’s email address and password, attackers can try to authenticate themselves across multiple web services with the hope that the victim reused the same password for their accounts, including some that contain financial information. Attackers can break into these accounts to steal money from the victim. Alternatively, they can sell all those accounts on the dark web for between 50 USD and 1,000 USD.

More than 90 Percent of All Phishing Attacks Targeted Just Five Industries in 2016, Finds Report

Here are some other notable statistics from the PhishLab’s report:

  • Britain saw a massive spike in phishing attacks leading up to the ‘Brexit’ referendum vote. Most of the scam campaigns targeted payment services and government agencies. Following the Brexit vote, the number of attacks targeting British users plummeted. This illustrates how phishers continue to capitalize on events in the news to prey upon unsuspecting users.
  • Canada, Switzerland, and France all saw an increase in the number of phishing attacks targeting their citizens, whereas countries like China, Britain, and South Africa experienced fewer campaigns than in years past.
  • PhishLabs collected 29,000 phish kits that lets attackers create a working phishing site.
  • 10 countries hosted four out of every five phishing sites. In total, attackers spread their phishing campaigns across 432 different top-level domains (TLDs). Many new generic TLDs (gTLDs) saw phishing content including .TOP, .XYZ, and .ONLINE.

Given the growing number of phishing attacks and the ease with which bad actors can create phishing campaigns, it’s important that organizations make sure their employees know how to spot a phish. They should create a security awareness training program to address this need, specifically one that leverages third-party phishing simulation software.

Does this type of solution sound of interest to you?

If so, please contact Metacompliance and learn how its phishing simulations will protect your organization against phishers in 2017 and beyond.

Other Articles on Cyber Security Awareness Training You Might Find Interesting