• About
  • Subscribe
  • Contact
Thursday, September 4, 2025
    Login
FutureCISO
  • People
  • Process
  • Technology
  • Resources
    • White Papers
    • PodChats
No Result
View All Result
  • People
  • Process
  • Technology
  • Resources
    • White Papers
    • PodChats
No Result
View All Result
FutureCISO
No Result
View All Result
Home Technology Data Protection

Phishing susceptibility remains high among bank employees

FutureCISO Editors by FutureCISO Editors
September 4, 2025
Phishing susceptibility remains high among bank employees

Photo by Markus Winkler from Pexels: https://www.pexels.com/photo/phishing-awareness-in-digital-security-30885916/

Share on FacebookShare on Twitter

A report by KnowBe4 highlights a dramatic increase in cyber threats targeting the global financial sector, revealing that these institutions face up to 300 times more cyberattacks than other industries.

The "Financial Sector Threats Report" indicates that large banks are particularly vulnerable, with nearly 45% of employees likely to fall for phishing attacks.

The research reveals a concerning landscape where almost all (97%) major U.S. banks experienced third-party breaches in 2024, and targeted intrusions against financial institutions surged by 109% year-over-year.

The report underscores the evolving tactics employed by cybercriminals, including the use of AI tools like FraudGPT and ElevenLabs to enhance phishing campaigns. This shift away from traditional ransomware towards data exfiltration and multi-stage extortion schemes complicates detection efforts, as attackers increasingly leverage legitimate credentials.

According to the Federal Reserve Bank of New York, even a single day's disruption in payments by major banks could affect 38% of network banks globally, demonstrating the systemic risks posed by these cyber threats.

Key findings from the report include:

  • Financial service firms globally experience up to 300 times more cyberattacks annually than other industries, with a 25% year-on-year increase in intrusion events for 2024.
  • 97% of the largest U.S. banks suffered third-party breaches last year, while all of Europe's top financial firms reported supplier breaches, revealing critical vulnerabilities in vendor ecosystems.
  • Analysis of over three million dark web posts indicates that stolen credentials now outpace credit card theft; infostealer infection attempts increased by 58% in 2024, with 68% of attacks originating from email.
  • The U.S. and U.K. account for over 70% of attacks, with the APAC region also targeted, particularly in Indonesia (5.81%) and India (4.65%), albeit at lower rates than Western countries.
  • Large financial institutions exhibit a 44.7% Phish-prone Percentage (PPP), but comprehensive security awareness training can reduce this susceptibility to below 5%.
Related:  Industrial manufacturers prioritise network security amid rising cyber threats

"Adversaries are gaining an advantage against the financial sector," said James McQuiggan, security awareness advocate at KnowBe4. “Traditional defenses are no longer sufficient. The battle comes down to the human level. Financial institutions must prioritise human risk management to close this critical security gap.”

As cyber threats continue to evolve, financial institutions must enhance their security strategies and invest in comprehensive training to equip their workforce against these sophisticated attacks.

Tags: KnowBe4phishing
FutureCISO Editors

FutureCISO Editors

No Result
View All Result

Recent Posts

  • Phishing susceptibility remains high among bank employees
  • Singapore leads in AI security, faces shadow AI woes
  • New initiatives to combat Southeast Asia scams
  • Shadow AI use complicates cybersecurity efforts
  • Businesses must be mindful about decisions they delegate to AI agents

Categories

  • Blogs
  • Compliance and Governance
  • Culture and Behaviour
  • Cybersecurity careers
  • Data Protection
  • Endpoint Security
  • Incident Response
  • Network Security
  • People
  • Process
  • Resources
  • Risk Management
  • Technology
  • Training and awarenes
  • Videos
  • Webinars and PodChats
  • White Papers

Strategic Insights for Chief Information Officers

FutureCISO serves the interests of the Chief Information Security Officer (CISO) and the information security profession. Its purpose is to provide relevant and timely industry insights around all things important to security professionals and organisations that recognize and value the importance of protecting the organisation’s data and its customers’ privacy.

Cxociety Media Brands

  • FutureIoT
  • FutureCFO
  • FutureCIO

Categories

  • Privacy Policy
  • Terms of Use
  • Cookie Policy

Copyright © 2024 Cxociety Pte Ltd | Designed by Pixl

Login to your account below

or

Not a member yet? Register here

Forgotten Password?

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
No Result
View All Result
  • People
  • Process
  • Technology
  • Resources
    • White Papers
    • PodChats
Login

Copyright © 2024 Cxociety Pte Ltd | Designed by Pixl