The Outcome of Phishing
Unauthorized Access
A successful phishing attack will result in unathorized access to your systems. Consider the industry standard (and correct) behaviour of using Single Sign On (SSO) systems and you’ll see how one successful phishing attack can open a huge hole in your company’s security.
Phishing is often used as the first step to gaining complete control over a company’s data. Depending on the strength of your internal controls, a single phishing attack may be all it takes to lose the data that keeps your business running.
All the data in an employee’s email & cloud storage, all the data they work with on a daily basis, all the data they don’t work with but have been given access to by default - it’s all at risk once a phishing attack succeeds.
Corporate SSO is a huge target for phishing attacks. Read this guide and ask your IT/Security team, “does our SSO support WebAuthn?”
Financial Cost
The dollar cost of a successful phishing attack is generally measured in the millions of dollars, with huge variations depending on the extent of the resulting compromise.
That cost is also getting larger, with a phishing attack quadrupling in cost between 2015 & 2021 from $3.8M to $14.8M1.
Breach cost climbs if customer data is exposed. In 2022, T-Mobile settled a class action suit resulting from a breach for $350M2
References
- Phishing Costs Nearly Quadrupled Over 6 Years, accessed May 2023
- T-Mobile to Pay Millions to Settle Class-Action Suit Over Data Breach, accessed May 2023