Nearly one-third of users clicked the link in a phishing email sent by Duo Security. 17% of users entered their user name and password, which would have given a real attacker the keys to corporate data. A phishing campaign that took just five minutes to execute via the tool could lead an attacker to corporate info within 25 minutes, Duo Security says. Companies need to understand that the internal campaigns are not one-and-done events, says Jordan Wright, R&D engineer at Duo Security.”]
Source: https://www.darkreading.com/analytics/the-real-reason-phishing-works-so-well