Phishers target middle management

middle manager

Phishing scammers have infiltrated the enterprise and they’re finding easy prey, but it’s not in the C-suite as previously thought. Attackers are exploiting the multitasking, often overloaded middle management ranks, according to research by security and compliance firm Proofpoint.

“2014 was clearly the year that attackers went corporate, and they targeted middle management because it’s profitable,” says Kevin Epstein, vice president, advanced security and governance. The study examined more than a million workers’ email and social media activities at work over a one-year period.

The study found that managers doubled their click rates on malicious emails in 2014 compared to the previous year -- a marked change from 2013 for managers, who were much less frequently targeted by malicious emails in the past.

What makes middle managers an easy target? “Our suspicion is they’re under pressure to move through emails faster or the email itself is more compelling” than in previous scams, Epstein says.

malicious messages chart

Middle managers are also clicking on emails more quickly. In 2013, 40% of middle managers would click on the first day that a malicious email appeared and 25% took a week. In 2014, two out of three end users clicked on the first day, according to the study. What’s more, managers and staff clicked on links in malicious messages two times more frequently than executives.

To continue reading this article register now

7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon