14 DAY TRIAL // Larger companies initiated programs for training their employees on how to detect phishing attempts, but despite increased awareness about this type of threat, the accuracy level is still quite low.
An online quiz designed to test users’ phishing knowledge reveals that the risk of a business suffering damage as a result of a fraudulent email is still far from being eliminated.
Created by McAfee, the quiz presents ten emails to the participants with phishing samples scattered, asking them to mark them as a valid or invalid email.
In an email sent on Friday, the security company said that the quiz was launched to the publilc in May and more than 20,000 individuals in 48 countries took the test.
The results of the test showed that 88% of those working in Accounting and Finance and Human Resources departments fell for at least one of the scams available in the test. Taking these departments out of the dataset, 79% of the respondents failed to detect at least one fraudulent email.
In most cases increased accuracy in spotting the deceit is also given by the regular type of email the user deals with on a daily basis.
If the test offers an example they are completely unfamiliar with, identifying it as good or bad becomes more of a guessing game.
However, McAfee said that “the exercise wasn’t to compare familiar emails messages, some of which are real and others fake. Rather, the test was to detect whether emails that appear to come from familiar companies are phishing or legit. After all, most legitimate emails from familiar companies take on different forms.”
The samples provided to the users included very familiar brands in the US, including LinkedIn, American Express, US Airways, eFax Corporate, Venmo, Standard Bank, Wells Fargo, UPS and PayPal.