Construction Industry Most Vulnerable To Phishing Scams

According to a recent ‘Phishing by Industry‘ report by KnowBe4, construction industry staff are most vulnerable when it comes to phishing scams. 

  • The report looks at 19 industries breaking them down into three categories, small (up to 250 workers); medium (250-999); and large (1,000+) 
  • Those in the construction industry placed first in falling for attacks in small and medium-sized businesses and second place in large corporations where the hospitality industry took first place 
  • According to KnowBe4, once training began, the percent of a company’s workers likely to fall for a phishing scam dropped dramatically 
  • In the construction category – after 90 days of combined computer-based training and simulated phishing security testing – the PPP numbers fell to 16.8 percent, small; 19.7 percent, medium; and 15 percent for large companies. 
  • After 12 months of such training the PPP fell further to 1.8 percent, 3.1 percent and 7.9 percent respectively 

Expert Comments:

Craig Cooper, COO at Gurucul:  

“This report goes to show how far we still have to go before we can eradicate phishing threats. Cybersecurity training for employees is still nowhere near where it should be. It’s often said that humans are the weakest link in the security chain. People are susceptible to phishing because these attacks exploit basic human nature, like curiosity and pride. Organisations would be wise to ensure that their users know about the potential dangers of clicking links and opening attachments in emails. 
Beyond user training, however, organisations should also monitor user and entity behavior to identify anomalous and suspicious actions. Machine learning algorithms can compare current behavior to previously baselined behavior. Behavior analytics provides the data to identify trends and spot outliers, so you can quickly remediate threats. The behavior is the tell. And, in this case, the behavior of the compromised account would be suspicious and would have been flagged as risky and anomalous by behavioral analytics.” 

Experts Comments

Stay Tuned! Our Information Security Experts Community is responding .....

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.