10 April 2019

Research further revealed that 54 per cent of UK firms identified instances of employees replying to unsolicited emails or clicking on the links contained within them

Almost half of UK businesses (45 per cent) have been compromised by phishing attacks in the last two years, according to research from Sophos.

The company surveyed 906 IT directors in western Europe and revealed that larger businesses were more likely to be compromised by phishing attacks, even though they were more likely to conduct phishing and cyber threat awareness training.

The UK fell victim to phishing at a similar rate to those in France (49 per cent) and the Netherlands (44 per cent), with just 25 per cent of Irish respondents saying they had fallen victim to phishing in the last two years.

The research further revealed that 54 per cent of UK organisations had identified instances of employees replying to unsolicited emails or clicking on the links contained within them.

“Phishing affects everyone and is one of the most common routes of entry for cyber criminals,” said Adam Bradley, UK managing director, Sophos. “As
organisations grow, their risk of becoming a victim also increases as they become more lucrative targets and provide hackers with more potential points of failure. Given the frequency of these attacks, organisations that don’t have basic infrastructure in place to spot people engaging with potentially harmful emails and whether their systems are compromised are likely to encounter some really significant problems.”

Bradley said enterprises should block malicious links, attachments and imposters before they reach end users’ inboxes, “and use the latest cybersecurity tools to stop ransomware and other advanced threats from running on devices even if a user clicks a malicious link or opens an infected attachment”.