More than 90 percent of cyber-attacks and resulting breaches in 2016 stemmed from a spear-phishing email.
New research from Avecto discovered that office workers are putting organisations at risk by being too trusting of online scammers. The company polled 1000 people whose jobs require that they use the internet on a daily basis.
Nearly two-thirds (65 percent) of workers would be wary of clicking a link in an email from an unknown sender, but if that email appeared to be from a colleague, supplier or friend, over 68 percent would have no concerns about downloading content or clicking on the links.
Over 37 percent of workers said they take no action to check or verify the identity of people they are connecting with online.
Andrew Avanessian, VP at Avecto said, “These findings underline just how far we have to go before we can realistically eradicate these threats. User education is nowhere near where it should be and that, ultimately, is fatally undermining enterprise security. It's often said that humans are the weakest link in the security chain and organisations must act now to plug this knowledge gap.”
“As we become increasingly connected — at work, at home and intertwining the two — the opportunities and impacts of social engineering are increasing,” said Dr Jessica Barker, cyber-security consultant and sociologist.
“Threats don't just exist outside an organisation, neither are they always perpetrated by some malevolent third party, sometimes they lie a lot closer to home,” Dr Barker concluded.