2019 State of Email Security Report
Actionable steps to improve your organization’s email security and cyber resilience.
Mimecast Targeted Threat Protection offers superior defense against phishing attacks, spear phishing and whaling attacks.
Threats to enterprise security are constantly evolving and growing in complexity, and phishing threats are no exception.
In a phishing email, attackers masquerade as a reputable entity or a known person to dupe users into sharing important information like login credentials or account information. In a spear phishing email, attackers often pose as an individual within the recipient’s company, while the sender of a whale phishing email might impersonate the CEO or CFO and instruct the recipient to transfer money to a fraudulent account.
These kinds of phishing threats have been enormously successful. In fact, 91% of all hacking attacks today began with a phishing or spear phishing email. With each breach potentially costing millions in damage to business, productivity and reputation, organizations need sophisticated protection to guard against these ever-evolving attacks.
Mimecast Targeted Threat Protection offers superior defense against phishing, spear phishing and whaling attacks. Part of Mimecast’s all-in-one subscription service for email security, archiving and continuity, Targeted Threat Protection extends traditional gateway security to defend against threats like a phishing attack.
Mimecast’s solution improves phishing and spear security by:
Mimecast Targeted Threat Protection offers three levels of defenses against a phishing, spear phishing or whaling attack.
What does phishing mean?
Phishing is a form of cybercrime where a criminal contacts an individual by email, text or telephone and, posing as a legitimate or trusted institution, seeks to obtain sensitive information like login credentials, credit card details, bank account numbers or other personal data. Criminals may use the information they obtain from phishing to access accounts to steal money, data and identities. The term “phishing” was coined by hackers – the use of “ph” as a substitute for “f” and is thought to be a reference to an earlier form of hacking known as “phone phreaking.”
How does a phishing attack work?
Phishing involves several types of attacks, and the techniques of cyber criminals are constantly evolving. The most common type of phishing involves an email message sent to a user under the guise of a legitimate organization, one that the recipient likely knows and trusts. A phishing email typically has a sense of urgency and asks the user to provide information or click a link. A phishing email may:
Links within a phishing email take the user to a fraudulent website where sensitive information can be captured and where malware may be downloaded onto the user’s computer.
Is phishing a crime?
Yes. Phishing is considered a crime that is typically prosecuted under laws concerning fraud or identity theft.
How to prevent phishing?
Preventing phishing attacks requires a multi-layered approach to cybersecurity.
Where should I report phishing?
If you believe you have received a phishing email, you can forward it to the Federal Trade Commission (FTC) at email@example.com and to the Anti-Phishing Working Group at firstname.lastname@example.org. You may also report the attack to the FTC at ftc.gov/complaint, to your email provider (e.g., Outlook or Gmail) and to the actual company that the email is impersonating.