INTENDED FOR WIDEST DISTRIBUTION
The Cybersecurity and Infrastructure Security Agency (CISA) released a phishing infographic that any organization, small or large, can use to inform their leadership and workforce on common adversarial techniques used in phishing and how to protect against potential susceptibility to an attack. If successful, a phishing attack could enable threat actors to gain initial access to a network and affect the targeted organization and related third parties.
Phishing is a form of social engineering in which a cyber threat actor poses as a trustworthy colleague, acquaintance, or organization to lure a victim into providing sensitive information or network access. The lures can come in the form of an email, text message, or even a phone call.
From phishing assessments conducted at public and private sector organizations, CISA found that 70% of all attached files or links containing malware were not blocked by network border protection services; 15% of all malicious attachments or links were not blocked by endpoint protection; and 84% of employees that fell victim to phishing did so within the first 10 minutes of receiving the malicious email.
Your support to amplify this phishing infographic through your communications and social media channels is appreciated. And as always, thank you for your continued collaboration.
Cybersecurity and Infrastructure Security Agency