Skip to content

Two-thirds of businesses bracing for Covid-themed phishing surge in new year

LONDON ― December 17, 2020 ― Nearly two-thirds (64 percent) of business decision-makers are anticipating Covid-themed phishing attacks targeting their company to increase in 2021, according to new research from Centrify, a leading provider of Identity-Centric Privileged Access Management (PAM) solutions.

The research was conducted by an independent polling agency Censuswide and obtained via a survey of 200 business decision-makers in large- and medium-sized enterprises in the UK.

The data also revealed that more than half (52 percent) of business decision-makers have anticipated an increase in cyber-attacks facing their organizations, as triggered by the most recent national lockdown in the UK, which ended on the 2nd of December.

To protect their organizations, IT security professionals should take proactive measures including security awareness training for employees, restricting VPN connections, increasing the use of multi-factor authentication (MFA) wherever available, and applying least privilege access controls.

Despite these concerns, 37 percent of respondents admitted that they currently have no plans to train new employees on data management policies and cybersecurity risks specific to Covid-related disruption.

Furthermore, 37 percent also stated that they do not have sufficient systems in place to verify employee identities and credentials when accessing company data.

Howard Greenfield, Chief Revenue Officer at Centrify, comments:

“Covid-themed email, SMS, and web-based phishing attacks have not been uncommon over the last year, and so far we’ve seen cyberattack campaigns using the guise of charity, government financial aid initiatives, and business support schemes already lure thousands of victims into leaking sensitive information, such as log-in credentials and payment details.

“In fact, these phishing campaigns have been so sophisticated and widespread in 2020 that business leaders can only reasonably assume that a colleague or employee has already fallen victim to one – especially if they have been working remotely this year for the first time in their career.

“Therefore, it is absolutely imperative for companies to adopt a zero trust approach enforced by least privilege access, which will only grant access to certain applications and data once a user’s identity has been verified. This will ensure that leaked log-in credentials do not necessarily translate to a breach of data.”

To learn more visit


About Centrify
Centrify is redefining the legacy approach to Privileged Access Management by delivering multi-cloud-architected Identity-Centric PAM to enable digital transformation at scale. Centrify Identity-Centric PAM establishes trust and then grants least privilege access just-in-time based on verifying who is requesting access, the context of the request, and the risk of the access environment. Centrify centralizes and orchestrates fragmented identities, improves audit and compliance visibility, and reduces risk, complexity, and costs for the modern, hybrid enterprise. Over half of the Fortune 100, the world’s largest financial institutions, intelligence agencies, and critical infrastructure companies, all trust Centrify to stop the leading cause of breaches – privileged credential abuse.

©Centrify 2020. ®Centrify is a registered trademark of Centrify Corporation in the United States and other countries. All other trademarks are the property of their respective owners.