1、An in-depth exploration of user awareness,vulnerability and resilienceREPORT State of the Phish2023A COMMISSIONED SURVEY OF:7,500working adults across 15 countries1,050IT security professionals across those countriesAND:135 millionsimulated phishing attacks sent by our customers over a 12-month peri

2、od18 millionemails reported by our customers end users over a 12-month period2022:Cyber Criminals Get Even More CreativeEvery year,threat actors look for new ways to outwit victims and bypass defenses.And 2022 was no different.As businesses rolled out new security controls,cyber criminals responded.

3、They scaled-up complex techniques like telephone-oriented attack delivery(TOAD)and multi-factor authentication(MFA)bypass.Unknown to most users,these techniques gave cyber attackers a new advantage.At their peak,TOAD and MFA bypass saw hundreds of thousands of attacks sent per dayubiquitous enough t

4、o threaten most organizations.And at the same time,proven tactics like brand abuse,business email compromise(BEC)and ransomware remained as popular as ever.With threat actors constantly upping their game,CISOs and Infosec teams had their work cut out.Now in its ninth year,our annual State of the Phi

5、sh report explores end-user security awareness,resilience and risk across 15 countries(eight more than in previous years).The report benchmarks understanding of common cyber threats and defensive tactics and reveals how potential gaps in knowledge and cyber hygiene enable the real-world attack lands

6、cape.Most attacks target people before they target systems.Thats why helping users build sustainable security habits is crucial.So,the last section of the report examines security awareness practices and outlines opportunities to build and reinforce a security-aware culture at every level of an orga