CyberSecurity news
FlagThis
@ai-techpark.com
//
SpyCloud, a leading identity threat protection company, released an analysis on May 7th, 2025, revealing that a staggering 94% of Fortune 50 companies have had employee identity data exposed due to phishing attacks. The analysis is based on nearly 6 million phished data records recaptured from the criminal underground over the last six months. These findings highlight the growing scale and sophistication of phishing attacks, with cybercriminals increasingly targeting high-value identity data for follow-on attacks such as ransomware, account takeover, and fraud. The data provides valuable insights for organizations to enhance their defenses, improve user training, and prevent identity-based attacks.
Nearly 82% of phishing victims had their email credentials compromised in prior data breaches, according to SpyCloud's analysis. This gives attackers a critical advantage, emphasizing the importance of monitoring and securing compromised credentials. The exposed data often includes email addresses (81% of records), IP addresses (42%), and user-agent information (31%) which identifies device and browser details. The top industries impersonated in phishing campaigns include telecommunications, IT, and financial services, highlighting the specific targets of these malicious activities.
To combat the escalating phishing threat, Brian Jack, chief information security officer at KnowBe4, a partner of SpyCloud, emphasizes the need for ongoing security awareness training and swift, targeted action to remediate exposures. He stated that "Combining human vigilance with actionable intelligence is the most effective way to stop phishing in its tracks – and prevent it from opening the door to broader cyberattacks.” The rise of phishing attacks is attributed to cybercriminals modernizing their tactics and evolving campaigns into industrial-scale operations, aided by phishing-as-a-service (PhaaS) platforms and AI.
ImgSrc: ai-techpark.com
References :
Nearly 82% of phishing victims had their email credentials compromised in prior data breaches, according to SpyCloud's analysis. This gives attackers a critical advantage, emphasizing the importance of monitoring and securing compromised credentials. The exposed data often includes email addresses (81% of records), IP addresses (42%), and user-agent information (31%) which identifies device and browser details. The top industries impersonated in phishing campaigns include telecommunications, IT, and financial services, highlighting the specific targets of these malicious activities.
To combat the escalating phishing threat, Brian Jack, chief information security officer at KnowBe4, a partner of SpyCloud, emphasizes the need for ongoing security awareness training and swift, targeted action to remediate exposures. He stated that "Combining human vigilance with actionable intelligence is the most effective way to stop phishing in its tracks – and prevent it from opening the door to broader cyberattacks.” The rise of phishing attacks is attributed to cybercriminals modernizing their tactics and evolving campaigns into industrial-scale operations, aided by phishing-as-a-service (PhaaS) platforms and AI.
ImgSrc: ai-techpark.com
Share:
References :
- hackernoon.com: SpyCloud releases analysis of nearly 6 million phished data records recaptured from the criminal underground over the last six months.
- hackread.com: SpyCloud Analysis Reveals 94% of Fortune 50 Companies Have Employee Data Exposed in Phishing Attacks
- www.cybersecurity-insiders.com: SpyCloud Analysis Reveals 94% of Fortune 50 Companies Have Employee Data Exposed in Phishing Attacks
- NextBigFuture.com: SpyCloud Analysis Reveals 94% of Fortune 50 Companies Have Employee Data Exposed in Phishing Attacks
- ai-techpark.com: The analyzed that phising is causing 94% of data records to be stolen from fortune 50 companies.
- www.cybersecurity-insiders.com: SpyCloud Analysis Reveals 94% of Fortune 50 Companies Have Employee Data Exposed in Phishing Attacks
Classification:
- HashTags: #PhishingAttacks #DataBreach #CredentialCompromise
- Company: Fortune 50
- Target: Fortune 50 Companies
- Feature: employee identity data
- Type: DataBreach
- Severity: Medium