Data-driven creative for sensitive verticals

With big privacy changes, creative has become even more important with verticals like health and wellness and finance. Learn how to make data the backbone of your campaigns.

An average CEO receives 57 phishing emails a year, but other C-suites and non-executives like sales and IT employees are getting hit just as hard. This is according to new research from security firm Barracuda Networks, which analyzed over 12 million email attacks impacting more than three million mailboxes at roughly 17,000 organizations.

“It affirms our view that these attackers are becoming more patient than before and that they are willing to spend time to build trust and social engineer their way to target more valuable assets eventually,” Barracuda CTO Fleming Shi told VentureBeat.

Sales employees make great targets because they frequently interact with people outside their organizations, Shi said. They’re the targets in 20% of enterprise business email compromise (BEC) attacks, with malicious actors often manipulating sales orders, quotes, and other business emails. IT staffers are also common targets, because their access to IT infrastructure is extremely valuable for attackers in establishing persistence in the network and planning lateral movements. They receive over 40 phishing attempts annually on average, according to the research. Overall, Barracuda found an average organization is targeted by over 700 social engineering attacks in a year, 49% of which are phishing attacks specifically.

Who attackers are impersonating

In addition to who is being targeted, Barracuda also looked into what exactly those phishing emails look like — specifically, who they’re impersonating. The research shows Microsoft is the most impersonated brand by far, with 43% of attackers posing as the company. This has been the case since 2018, according to security company Vade. In the first six months of 2021 alone, ​​Vade found 12,777 Microsoft phishing URLs. The company also recently discovered that hackers actually co-opted one of Microsoft’s anti-phishing features to launch more sophisticated phishing attacks.

“It’s pretty telling that Microsoft continues to be impersonated more than any other brand,” Shi said. “Not only because Microsoft is a trusted name, [but] also because they are the identity provider which most of the organizations are using.”

According to Barracuda, WeTransfer and DHL are the other most impersonated brands and, along with Microsoft, have comprised the top three since 2019. Impersonation of WeTransfer especially has been on the rise, doubling from being used in 9% of phishing attacks in 2019 to 18% this year. The company also found attackers impersonating Google, eFax, DocuSign, USPS, Dropbox, Xerox, and Facebook.

Rise in phishing attacks

If it feels like phishing attacks are everywhere, that’s because they are. In the aforementioned report, Vade also revealed a major jump in phishing attacks since the start of the year, with a 281% spike in May and another 284% increase in June. Shi said these types of attacks are “unfortunately very effective” and are rising because they’re used to steal credentials.

These numbers reflect other recent research from IT asset monitoring, management, and security platform provider Ivanti, which surveyed organizations about recent attacks. According to the report, 80% of respondents said they’d seen an increase in the number of phishing attempts targeting their organizations, and 74% said their organizations had fallen victim to a phishing attack in the last year. In that research, nearly 75% of respondents said IT staff were the targets.

Both of these reports, as well as many others, show not only that attacks are happening more often, but that they are getting more sophisticated, too. Thomas Briend, the Vade engineer who uncovered the Microsoft 365 tactic, said it’s “a first in terms of API abuse,” as far as he knows. Shi also specifically called out new links between cryptocurrencies and spearfishing, which describes phishing attacks that are targeted at specific individuals or organizations. While Bitcoin has always been used to collect ransom payments, hackers have increasingly been impersonating digital wallets and other related apps to steal valuable cryptocurrency directly. The report notes this has been happening over the past eight months, coinciding with the recent spike in Bitcoin’s value.

Overall, Shi believes we’re entering a phase he calls the “post-breach era,” where we have to accept that a large portion of our data and credentials have already been stolen.

“We have to have visibility, detection, and response capabilities to ensure we stop the criminals,” he said. “I want to be clear, this is not an easy task given how complex the attacks are.”

Data-driven creative for sensitive verticals

With big privacy changes, creative has become even more important with verticals like health and wellness and finance. Learn how to make data the backbone of your campaigns.

Presented by Procore

Despite consistently achieving incredible feats of ingenuity — such as building state-of-the-art hospitals, sustainable office buildings, and the infrastructure that powers and brings these structures to life — the construction industry is often talked about as if it’s “behind.” I have worked in this industry my entire life, and I know the “construction doesn’t want to change” diatribe misses the point entirely.

This industry is no stranger to technology or innovation, and it regularly navigates complex, high-risk, and ever-changing environments. The industry has found ways to build two 2,000,000 sq. ft. office towers over active rail lines in New York City. In another case, it managed to continue construction on a desperately needed children’s hospital wing — and to do so on schedule, even amid a global pandemic.

Today, incredible technological innovations are employed across the construction sector every day, from robotics, to 3-D printing, to artificial intelligence and machine learning. Big firms have been investing in cutting-edge technology for decades. In fact, McKinsey reports that venture capital investment growth in construction tech has far outpaced venture capital investment overall, and that investment in construction tech has more than doubled in the last 10 years.

Why then, hasn’t the construction industry seen the same productivity gains as other sectors?

Connecting the people who build the world

The construction industry has its roots in handshake deals and relationships. Its success will forever depend on how well its people are able to connect and communicate. No building is built twice — meaning every project is essentially a prototype. Different teams are assembled for each project, so it’s likely they’re working together for the first time. Even so, they’re dependent on each other and ultimately share project risks.

What sounds like a vast network of decentralized work and unpredictable stakeholder dynamics is actually the markings of an industry that’s ripe with opportunities for innovation. While many technology solutions have helped solve pieces of the puzzle, few have focused on the foundational challenge of bringing everyone together, so they can work off the same sheet of music. Large construction firms often have upwards of 10 disparate digital tools for managing specific aspects of construction — one for project management, another for financials, and yet another for managing the schedule, just to name a few.

The problem, in other words, is not that construction is “behind.” The “problem” is that construction projects hinge on human connection, and most technology has not provided a single source of truth or adequate tools to connect teams. Not only does this inhibit communication and access to information which contributes to rework, it also prevents teams from harnessing the power of data.

Leveraging the power of data

The multi-stakeholder nature of construction creates a common scenario where no single company has easy access to, or control over, all the available data for any given project. Owners, general contractors, and specialty contractors each have their systems of record, which are often proprietary.

The construction industry generates massive amounts of data every day. And yet, 96% of that data goes unused, largely because it is stuck in siloed solutions. Leveraging this wealth of data can provide value for individual businesses, the construction industry, and the global economy, since construction is the third largest sector. Bringing all people, systems, and data into one place is where the real progress and productivity gains come from.

The Procore platform is designed to be a single source of truth for the construction industry. By building a data environment that bridges the gap between design and construction and connects all stakeholders in this massive industry, Procore empowers teams with actionable data and insights. Construction companies already generate an impressive amount of data from their projects — Procore connects that data and puts it to work.

To put the sheer volume of information into context: in 2020 alone, Procore customers uploaded or created over 90 million documents, 121 million photos, and 92 million inspection items. On average, our customers are adding over 224 terabytes of data to the Procore platform every month. Every single one of these uploads is data that can be leveraged to transform construction into a connected, data-driven industry.

We use artificial intelligence to help construction firms forecast effectively, track and manage productivity, reduce risk, and more. We can give construction project managers a new level of situational awareness — providing jobsites with real-time intelligence and enhancing jobsite safety, efficiency, and accountability. This data is not only valuable to individual companies, but to the industry at large. We are able to draw insights based on thousands of Procore projects and share trends around project starts, worker hours, and more.

In 2020, we saw an even greater interest in technology across the industry, as construction businesses adapted to the demands and challenges of COVID-19. The pandemic acted as a catalyst for the industry’s digitization, as remote work increased and staying connected became vital. As the industry further digitizes, we will likely see continued investment and growth in the construction space. The industry is poised for incredible success in the years and decades to come — the key will be to keep connection at the forefront of innovation.

Tooey Courtemanche is CEO of Procore.

Learn more about how Procore helps turn project data into business intelligence.

Sponsored articles are content produced by a company that is either paying for the post or has a business relationship with VentureBeat, and they’re always clearly marked. Content produced by our editorial team is never influenced by advertisers or sponsors in any way. For more information, contact [email protected].