U.S. Banks Vulnerable to Mass Social Engineering and Phishing Attacks - New Cybersecurity Report from Hush Ranks 100 Largest

DETROIT--(BUSINESS WIRE)--Today at the Black Hat USA cybersecurity conference, Hush released the Top 100 U.S. Banks Human Attack Surface Report and Rankings. Powered by Hush’s proprietary AI-enabled platform covering billions of data points, this cutting-edge report exposes and quantifies risks that feed the most prevalent and hard to defend cyberattacks - social engineering and phishing.

With social engineering and phishing attacks skyrocketing, the report catalogs data on the most prevalent cybersecurity attack route: employees. The analysis also includes a comprehensive ranking that reviews regional, sector, scale, and AUM variations.

Key findings across the largest 100 banks in the U.S.:

• The average bank has 662,000 employee reconnaissance data vulnerabilities.

• Each employee averages 50 reconnaissance vulnerabilities, putting them and their bank at enhanced risk for being compromised by social engineering and phishing.

• The 10 largest banks represent 65% of all vulnerabilities with a combined total of 44 million.

• Smaller banks outperformed the top 20 largest banks in median vulnerabilities per employee.

“It will always be easier to hack a human than a computer,” said Mykolas Rambus, CEO of Hush. “The sheer volume of employee data exposed at the largest banks highlights the importance of anti-reconnaissance as part of a threat management strategy, especially against hacker AI. Regulators, Board of Directors, and Companies are realizing how dangerous these mountains of data can be when trying to protect against reconnaissance-fueled social engineering and phishing attacks.”

Download the full report and rankings to view the complete findings.

About hush

Hush is the cyberprivacy platform that reduces social engineering and phishing risks for companies and all levels of their employees. Hush empowers today's knowledge workers by finding everything the internet knows about them, educating them on their vulnerabilities, and making it one-click easy to reduce their targetable footprint. Combining AI-led detection and removal, Hush is the most comprehensive privacy defense against cyber, financial, physical, impersonation, and reputational threats. The platform is trusted by leading IT teams to monitor and minimize their company's human attack surface, because it's always easier to hack a person than a computer. Hush has won several awards including from Google, WealthBriefing, is SOC2 certified, and is a 'top cybersecurity-company-to-watch in 2023". Learn more at www.gohush.com.