A study commissioned by PhishMe, an organization that specializes in offering anti-phishing training, shows that almost 60% of the office workers in the United Kingdom receive phishing emails every single day.
A small percentage of the targets of these phishing attacks (6%) receive more than 10 malicious emails each day.
“Nearly 60% of employees receive phishing emails every day, so clearly technical controls are failing to stop these messages as they pass through the system,” Scott Greaux, vice president of product management and services at PhishMe, explained.
“They end up in users inboxes, and for many companies it is purely down to luck if that employee responds. Our research shows that almost 60% of people will fall for a well-designed phishing email opening your systems to the criminals and hackers.”
According to the company, even more worrying is the fact that 60% of internauts will fall for a phishing scam if they haven’t been trained to identify malicious notifications.
“Many users could click on a link or open an attachment and then carry on working, without being fully aware of the implications of their actions. User education is essential adding human sensors to your security infrastructure improves overall security posture and helps ensure users don’t fall victim,” Greaux added.
Experts highlight the fact that every organization should provide its employees with proper training.
Unfortunately, as the success of many cybercriminal campaigns has shown, a large number of users still believe that the Internet is harmless and don’t think about the dangers that may hide behind an innocent-looking link or attachment.
One perfect example is the data breach that has affected the South Carolina Department of Revenue. The attackers gained access to the organization’s networks after sending out phishing emails to several employees.
It was enough for only one of them to fall for the ruse.