The Good Tech Companies - SpyCloud Analysis Reveals 94% of Fortune 50 Companies Have Employee Data Exposed In Phishing Attacks
Episode Date: May 7, 2025This story was originally published on HackerNoon at: https://hackernoon.com/spycloud-analysis-reveals-94percent-of-fortune-50-companies-have-employee-data-exposed-in-phishing-attack...s. Phishing attacks have been growing in scale and sophistication, and SpyCloud’s research reveals that cybercriminals Check more stories related to cybersecurity at: https://hackernoon.com/c/cybersecurity. You can also check exclusive content about #cybersecurity, #spycloud, #cybernewswire, #press-release, #spycloud-announcement, #cyber-security-awareness, #cyber-threats, #good-company, and more. This story was written by: @cybernewswire. Learn more about this writer by checking @cybernewswire's about page, and for more stories, please visit hackernoon.com. SpyCloud releases analysis of nearly 6 million phished data records recaptured from the criminal underground over the last six months. Phishing attacks have been growing in scale and sophistication. 94% of Fortune 50 companies have employee identity data exposed as a consequence of phishing attacks. Nearly 82% of victims had their email credentials compromised in prior data breaches.
Transcript
Discussion (0)
This audio is presented by Hacker Noon, where anyone can learn anything about any technology.
Spy Cloud analysis reveals 94% of Fortune 50 companies have employee data exposed in
phishing attacks, by Cyber Newswire. Austin, USA, Texas, May 7, 2025,
Cyber Newswire, Spy Cloud, the leading identity threat protection company,
today released an analysis of nearly
6 million phished data records recaptured from the criminal underground over the last
6 months.
Phishing attacks have been growing in scale and sophistication, and SpikeCloud's research
reveals that cyber criminals are increasingly targeting high-value identity data that can
be used for follow-on attacks like ransomware, account takeover, and fraud.
While the data reflects only a snapshot of the phishing threat landscape, IT provides
valuable insights for organizations seeking to bolster defenses, enhance user training,
and prevent identity-based attacks.
Key findings from SpikeCloud's analysis of phished data include 94% of Fortune 50 companies
have employee identity data exposed as a consequence of phishing attacks.
81% of these records contain email addresses, 42% include IP addresses, and 31% include user agent information identifying device and browser details. The top impersonated industries in phishing
campaigns include telecommunications, IT, and financial services. Two-thirds of the five,
five million records contain credentials, financial information,
or visitor metadata, while 37% came from email targeting lists, a collection of addresses
selected for phishing attempts, not necessarily resulting in compromise.
Greater than, phishing threats are not only growing, they're evolving.
In the last six greater than months alone, we've seen a 17% increase in phishing emails.
What's especially greater than concerning is that nearly 82% of victims had their email
credentials greater than compromised in prior data breaches, giving attackers a critical
advantage, greater than said Brian Jack, chief information security officer at Know Before,
a partner of greater Than Spy Cloud.
Greater Than.
This highlights the urgent need for ongoing security awareness training, but greater than
it's only half the equation.
Security teams must also have visibility into greater than these specific exposures so they
can take swift, targeted action to remediate.
Greater than combining human vigilance with actionable intelligence is the most effective
greater than way to stop phishing in its tracks, and prevent it from opening the door to greater
than broader cyberattacks. Phishing attacks are on the rise, not because organizations lack defenses,
but because cybercriminals are modernizing their tactics, evolving phishing campaigns
into industrial scale operations with phishing as a service, phos, platforms and AI.
With the ability to automate the creation of sophisticated phishing kits, threat actors
can more easily harvest credentials and 2FA codes, distribute phishing links via QR codes,
and bypass captures to avoid detection.
Greater than, to combat the growing scale and sophistication of phishing attacks, security
greater than teams need access to real-time exposed identity data before it leads to greater than broader compromise,"
said Trevor Hillegos, head of security research at Greater Than Spy Cloud.
Greater than, one area we find organizations lacking insight is when it comes to phishing
greater than target lists, ripe with potential victims of phishing campaigns.
Armed with greater than this knowledge, organizations can proactively flag vulnerable accounts,
alert greater than these users, and stay even more vigilant to avoid falling prey.
This action, greater than further up the attack chain, takes a proactive approach to combating
phishing greater than threats before they happen.
Greater than Hillegos continues, when organizations remediate phished credentials, greater than terminate compromised web sessions, and act on other stolen identity greater than artifacts, they reduce their risk substantially, and disrupt attackers greater than ability to escalate privileges and launch ransomware.
Spy Cloud will dive deeper into these findings during its upcoming webinar on Thursday, May 15, FISH HAPPENS. What recaptured data reveals about
the industrialization of phishing. Organizations interested in detecting and disrupting phishing-related
identity exposures before they escalate are invited to register here.
About SPY Clouds by Cloud transforms recaptured darknet data to disrupt cybercrime. Its automated
identity threat protection solutions leverage advanced analytics to proactively
prevent ransomware and account takeover, safeguard employee and consumer accounts, and accelerate
cybercrime investigations.
SpyCloud's data from breaches, malware-infected devices, and successful fishasalso powers
many popular dark web monitoring and identity theft protection offerings.
Customers include seven of the Fortune 10, along with hundreds of global enterprises,
mid-sized companies, and government agencies worldwide.
Headquartered in Austin, Texas, SpyCloud is home to more than 200 cybersecurity experts
whose mission is to protect businesses and consumers from the stolen identity data criminals
are using to target them now.
To learn more and see insights on users' companies' exposed data, users can visit
SpyCloud.com, contact Brown Emily Reque on behalf of SpyCloud Brown at REC.
Co.
Tip This story was published as a press release by CyberNewswire under Hacker Noon's business
blogging program.
Thank you for listening to this Hacker Noon story, read by Artificial Intelligence.
Visit HackerNoon.com to read, write, learn and publish.