Companies spend a huge amount of time and billions of dollars on security technology to keep threat actors out — on firewalls, IPS systems, endpoint security, and the like — and employees are letting those bad guys in by clicking on phishing links. In fact, a recent F5 Labs report says phishing was the root cause of 48 percent of the breaches they investigated.
This corroborates my own research, as I have talked to many people that do penetration testing and they told me the number one way to breach a company is by stealing a user’s credentials via phishing.
