Survey reveals UK office workers are confronted with more phishing emails on a daily basis
LONDON, UK. – December 18, 2013 – UK office workers are bombarded with phishing emails with the majority seeing as many as ten attacks hitting their inboxes every day, a new survey from PhishMe has revealed.
The survey, which was conducted by One Poll, looked at the attitudes of 1,000 UK office workers towards phishing attacks and revealed that over a third believe they are seeing more phishing emails now than they were a year ago. During this year, 16 percent of office workers claim to have fallen victim to a phishing attack; there are probably a lot more that don’t know they were victims.
Commenting on the findings, Rohyt Belani, CEO of PhishMe, said: “These figures highlight exactly how big a problem phishing and malware attacks are to UK organisations. Spear-phishing emails are contextual, focus on triggering an emotional response, and target specific groups, which makes them very difficult to spot.”
“Today, threat actors will undertake extensive research into their targets to make their emails appear genuine and increase the chance of a recipient taking action. Over the last year we have seen a significant increase in the sophistication of phishing emails; attackers even emulate conversations via email to build confidence with the potential victim before launching the attack. Organisations must enhance their security defences with a continuous programme where they train their staff how to recognise and report phishing emails in a timely manner,” continued Rohyt.
From our experience, effective behaviour management ensures that employees stop and think twice before believing every email they receive. For example, they will know to look at the underlying URL, not just the displayed text, to see where the link is actually going. For starters, they develop the necessary levels of suspicion related to email communications and think “was I expecting this email?” or “do I know this person?”
Phishing has proven to be a very effective low-cost attack vector that bypasses most traditional detection methods. Several prominent security firms have confirmed in their research to be the top attack method threatening the enterprise today. With cyber criminals, nation-state actors, and most recently hacktivists like the Syrian Electronic Army, carrying out successful attacks via email, office workers can only expect more of the same in the future.
About PhishMe, Inc.
PhishMe’s methodology entails periodically immersing employees in simulated phishing scenarios, and presenting bite-sized, engaging training, instantly to those found susceptible. The solution provides clear and accurate reporting on user behavior, allowing customers to measure improvement over time. PhishMe works with Global 2,000 companies across many industries, including defense industrial base, energy, financial services, government, healthcare, and retail. For additional information, please visit: www.phishme.com.
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.