New research highlights opportunity for hackers to exploit employee trust
Office workers are putting organisations at risk by being overly trusting of online scammers, according to new research from global security software firm, Avecto.
After questioning 1,000 people whose jobs require them to use the internet on a daily basis, the company revealed 65% of workers would be wary of clicking a link in an email from an unknown sender. However, if that email appeared to be from a colleague, supplier, or friend over 68% would have no concerns about downloading content or clicking on links. This highlights a security risk that is often easily exploited by attackers who exploit human behaviour to encourage employees to reveal confidential information or allow access into the wider business network.
The research also found a worrying level of security ignorance among respondents using social media. Over 37% of workers said they take no action to check or verify the identity of people they are connecting with online.
Avecto’s findings come as instances of phishing attacks reach new heights. It’s estimated that more than 90% of cyber attacks and resulting breaches in 2016 stemmed from a spear phishing email.
Andrew Avanessian, Vice President at Avecto, said: “Social engineering and phishing isn’t a new phenomenon, it’s tried, tested and incredibly lucrative. What is surprising however is the ingenuity with which hackers will try and deceive their victims, finding new and ever more sophisticated ways of getting hold of personal information.
“These findings underline just how far we have to go before we can realistically eradicate these threats. User education is nowhere near where it should be and that, ultimately, is fatally undermining enterprise security. It’s often said that humans are the weakest link in the security chain and organizations must act now to plug this knowledge gap.”
Cyber security consultant and sociologist, Dr Jessica Barker added:
“People are susceptible to social engineering because these attacks exploit social norms and human nature, including reciprocity, curiosity and pride. As we become increasingly connected – at work, at home and intertwining the two – the opportunities and impacts of social engineering are increasing.
“Threats don’t just exist outside an organization, neither are they always perpetrated by some malevolent third party, sometimes they lie a lot closer to home.”
For more information on social engineering and how to make sure you don’t become a victim, catch up on Avecto’s webinar with Dr Jessica Barker or download the “Know your threats:Social engineering” report.
[su_box title=”About Avecto” style=”noise” box_color=”#336588″][short_info id=’100142′ desc=”true” all=”false”][/su_box]
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Celebrating Data Privacy Day – 28th January 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Most Active Commenters
Recent Comments
Meta’s fine over data privacy breaches underscores the critical challenges…
Hi, Thanks, that is really useful information. I do have…
“This is a very worrying attack that hit T-Mobile and…
“This latest cyberattack against T-Mobile may be smaller than previous…
“Genesis Market is a complex global criminal access marketplace. Buyers…