Phishing is a huge threat that affects so many industries every year. Some industries were hit particularly hard, with retail workers receiving an average of 49 phishing emails a year and many employees in these industries being completely unaware of how sophisticated and believable these emails can be.
2021 research found a 7.3% increase in email-based attacks between May and August 2021, the majority of which were part of phishing campaigns.
The increase in phishing attacks means email communications networks are now riddled with cybercrime and it does beg the question, could these ever-rising statistics be helped if employees were more aware of what to expect in a phishing email and knew what to look out for?
Here are some staggering statistics that prove how common employees are still becoming victims of phishing attacks.
1 in 3 employees is likely to click the links in phishing emails.
1 in 8 employees is likely to share information requested in a phishing email.
60% of employees opened emails they weren’t fully confident were safe.
45% click emails they consider to be suspicious “just in case it’s important.”
45% of employees never report suspicious messages to IT for review.
41% of employees failed to notice a phishing message because they were tired.
47% of workers cited distraction as the main factor in their failure to spot phishing attempts.
It is understandable that many employees are unaware of how intricate and calculating phishing emails can now be, as statistics show that an estimated 90% of security breaches according to IBM’s X-Force Threat Intelligence Index are done accidentally and through innocent human error.”“Employees cannot be blamed for mistakes like this happening as this is from a lack of teaching and training from the employer to make their employees aware of the latest phishing scams and what to look out for.
Phishing is a direct way that many hackers will try and gain entry into a company’s system and potentially cause dangerous and expensive cyber attacks. We recommend, among having the correct systems in place to try and stop your employees from receiving these emails in the first place, to train your employees on cyber security and what they should be on the lookout for.