Social engineering is a form of cybercrime that relies on psychological manipulation to gain access to confidential information. It is one of the most common and effective methods of attack used by cybercriminals. As such, it is important to understand the statistics and trends surrounding social engineering attacks.
In this blog post, we will explore the latest social engineering statistics and discuss the implications for businesses and individuals. We will also provide tips on how to protect yourself from social engineering attacks.
Social Engineering Statistics Overview
Social engineering is a prevalent threat, with 90% of data breaches having social engineering components and 62% of businesses experiencing attacks in 2018.
In 2021, phishing and similar fraud was the most common type of cyber crime reported to the U.S. Internet Crime Complaint Center, with 324 thousand individuals affected.
Thus, these attacks are still a major threat to individuals and organizations, and organizations need to remain vigilant in order to protect themselves from these types of attacks.
Phishing scams were the most common cause of ransomware infection in 2020, accounting for up to 54 percent of digital vulnerabilities.
This highlights the importance of user practices and cybersecurity training in order to prevent phishing scams and other forms of cyberattacks. Poor user practices and lack of training can lead to an increased risk of falling victim to phishing scams, which can then lead to ransomware infection.
During the first quarter of 2022, financial institutions and web-based software services and webmail were the two highest targeted industries for phishing attacks, accounting for 23.6% and 20.5% of attacks respectively.
By understanding the industries that are most targeted, organizations can better prepare and protect themselves from potential threats.
In 2020, the IC3 reported over 240,000 victims of phishing, smishing, vishing, and pharming, costing over $54 million in losses, with smishing being the largest phishing type.
Therefore, it is of importance being aware of social engineering tactics, such as smishing, and the potential financial losses associated with falling victim to them.
71% of IT professionals reported experiencing smishing attacks in 2021, up from 61% in 2020; this increase in smishing attacks is important as it highlights the growing prevalence of social engineering attacks.
Malware attacks have increased significantly over the past few years, with 2.8 billion attacks reported in the first half of 2022 and 5.4 billion in 2021, with the highest number of attacks detected in 2018 at 10.5 billion.
The number of malicious software attacks is concerning as it can lead to data loss, system damage, and financial loss for businesses, as well as the potential for cybercriminals to steal sensitive information or extort money. It also highlights the importance of businesses taking steps to protect their systems from malware and other forms of social engineering.
The professional sector was the most targeted by malware attacks between November 2020 and October 2021 with 1,234 incidents, followed by the information sector with 775 incidents and the manufacturing industry with 621 incidents.
Social engineering attacks are becoming increasingly sophisticated and targeted, and organizations must be aware of the potential risks.
Cyber insurance adoption is expected to surge over the next decade due to the increasing number of unfilled cybersecurity jobs, which grew from 1 million in 2013 to 3.5 million in 2021 with a zero unemployment rate.
Thus, companies need to invest in cyber insurance and hire cybersecurity IT professionals in order to protect their data from internet-based risks such as hacking or data breaches.
It also emphasizes the importance of protecting more than 200 zettabytes of data by 2025, which includes data stored on private and public IT infrastructures, on utility infrastructures, on private and public cloud data centers, and on personal computing devices.
It is estimated that the global cyber insurance market will reach a total market size of 22 billion U.S. dollars by 2025, doubling in size from its current size.
As businesses become more reliant on technology and data, they are increasingly vulnerable to cyber-attacks and other malicious activities. Cyber insurance provides businesses with the necessary protection to ensure their data and technology are secure.
Conclusion
Social engineering is a major threat to organizations of all sizes, and the statistics show that it is becoming increasingly more common.
It is important for organizations to take steps to protect themselves from this type of attack, such as educating their employees on the dangers of social engineering and implementing security measures to prevent it. By taking the necessary precautions, organizations can protect themselves from the devastating effects of social engineering.
References
1 – https://lookingglasscyber.com/blog/threat-intelligence-insights/how-to-not-be-a-victim-of-social-engineering/
2 – https://www.statista.com/statistics/184083/commonly-reported-types-of-cyber-crime-global/
3 – https://www.statista.com/topics/8385/phishing/#topicOverview
4 – https://www.statista.com/statistics/266161/websites-most-affected-by-phishing/
5 – https://www.statista.com/statistics/1306234/volume-smishing-attacks-organizations/
6 – https://www.statista.com/statistics/873097/malware-attacks-per-year-worldwide/
7 – https://www.statista.com/statistics/223517/malware-infection-weekly-industries/
8 – https://cybersecurityventures.com/top-5-cybersecurity-facts-figures-predictions-and-statistics-for-2021-to-2025/
9 – https://www.statista.com/statistics/1190800/forecast-cyber-insurance-market-size/
