Cyber attacker hacking into email server. Scammer holding fishing tackle with hooked message of office worker. Cybercrime concept. Vector illustration can be used for scam attack, information security

Which industries are most vulnerable to phishing attacks?

Cybercrime is a growing problem for businesses of all sizes. It may be the case that you are already familiar with the concept of phishing. It is often associated with schemes such as ‘Nigerian scam’ emails and other similarly unsophisticated types of attack. However, in reality, phishing has become a highly successful and advanced form of cybercrime. 

This is an especially challenging problem in the UK. Here around half of all the cyberattacks that businesses face involve phishing to some degree – that’s a much higher figure than the rest of the world. 

However, it is also true that businesses in certain industries are more vulnerable to phishing attacks than others. Here, we take a look at the sectors that face the most significant challenges relating to phishing attacks.

Universities and higher education colleges

You might be surprised to learn that one of the sectors that are typically very vulnerable to phishing attacks is higher education. There are many potential reasons for this – not least that universities will typically have thousands of students with unique login credentials, and the security of these accounts may not be taken as seriously as they need to be. However, this isn’t the only problem. A recent report revealed that 90 per cent of universities and colleges do not provide adequate levels of protection against phishing attacks. Clearly, as a target that could be considered valuable to cybercriminals, institutions of higher education need to be investing more in their defences.

Traditional businesses

There are many businesses and operations that operate in a way that is more traditional, still utilising paper documents or antiquated systems. From banks and start-ups to small retail operations, leisure clubs and even some law firms, the traditional way of doing paperwork remains. However, these businesses will have had to embrace change to a certain degree, and may not currently feel completely comfortable with the blend of digital and traditional systems.

It is these types of businesses that can be extremely vulnerable to phishing attacks. With staff who don’t feel at ease with the digital system, it is easier for them to be tricked by phishing emails and other forms of social engineering.  “Data security has become a huge issue, especially in the wake of the General Data Protection Regulation,” says Edward Entecott, Director at Document Options “it is generally much easier to control access to documents and sensitive data with a digital system. With digital documents, you can control who has access to documents, and also keep track of important data points such as when they are created, viewed or deleted.”

Estate agents and property

Undoubtedly one of the industries that have seen a significant boom in recent years has been property. Estate agents and companies that provide services relating to property have seen the demand for property purchasing swell tremendously. In spite of ever-increasing property prices, it seems that the market is virtually insatiable. In fact, mortgage approvals have reached their highest levels since October 2007

This has made businesses in the property sector more vulnerable to phishing attacks than ever before because they have been a more lucrative target. The fact that more property transactions are ongoing, and that those transactions involve greater sums of money makes them more appealing to cybercriminals.

Phishing attacks against estate agents typically work by infiltrating or spoofing the email account of a client and then redirecting payments.  

Smaller businesses

There can be no doubt that the last couple of years has been significantly challenging for small businesses. So it is unfortunate to also say that SMEs are typically more likely to be targeted with cyber attacks than larger companies. A key reason for this is cybercriminals see small businesses as an easier target with weaker cybersecurity.

It is extremely expensive for businesses to hire cybersecurity specialists due to the shortage of skilled professionals. This is magnified for SMEs as th

Tech and fintech

You might assume that technology businesses are those most likely to have powerful cybersecurity in place and are well defended against phishing. However, this may not always be the case. Indeed, technology companies generally have been criticised for not doing enough to protect themselves against cybercrime.

Indeed, it is also the case that fintech companies may be vulnerable simply because they work directly with money. Financial transactions are often a target for phishing scammers, and any companies that work with them on a day-to-day basis are more likely to face criminal activity.

What can you do to protect your business?

While the industries listed here are most likely to be vulnerable to cybercrime, any company can be targeted. Thankfully, there is a lot you can do to protect your company against these types of attacks. It is a great idea to focus on regular staff training, as well as working with outsourced cybersecurity specialists.

Is your organisation doing enough to help mitigate the risk of a cyberattack such as this? Find out in our Free Click-Prone® Test today.

Recent posts