The majority of businesses lack adequate protection against advanced phishing attacks and have gaps in their defenses that allow potential attackers to infiltrate and steal sensitive data, according to a SlashNext phishing survey.
According to SlashNext, "95 percent of respondents underestimate how frequently phishing is used at the start of attacks to successfully breach enterprise networks."
Also, only around 5% of all survey respondents are aware that bad actors use phishing attacks in more than 90% of company security breaches.
Despite that, around half of all IT professionals who took part in the survey estimated that they deal with roughly 50 or more phishing attacks per month.
As detailed by Webroot's 2018 Threat Report, phishing sites are quite short-lived: most websites used for phishing are kept online by attackers for 4 to 8 hours, the longest-lived phishing website was available for about 44 hours, and the shortest-lived was online for 15 minutes.
Attackers use a wide array of methods to hide phishing sites from victims and antimalware software
Scammers change domain names very often to avoid being blocked by static hosts files and to evade detection by both end users and antimalware solutions. They also use IP masking to obfuscate the real IP address behind phishing domains in 25% of phishing attack incidents.
Furthermore, although most enterprises consider phishing attacks to be email-based, this type of security threat has long since moved to other attack vectors such as "ads, search results, pop-ups, social media, IM and chat applications, rogue browser extensions, and apps."
"Phishing tactics have evolved to using very fast-moving phishing sites and attack vectors that evade existing security controls," said Atif Mushtaq, SlashNext's CEO. "And with such legitimate-looking phishing sites manipulating users, there is little to protect employees, not even phishing awareness training."
Moreover, "The solution involves a phishing detection system that can analyze and detect malicious sites like a team of cybersecurity researchers, but do it in real-time to protect users."