A significant portion of office workers receive phishing emails at work during the working day.
According to a survey by PhishMe of 1,000 office workers, around 60 per cent said that they received phishing emails, while six per cent received more than ten phishing messages every day. The company claimed that this level shows that technical controls are failing to stop these messages as they pass through the system.
“They end up in user's inboxes, and for many companies it is purely down to luck if that employee responds,” said Scott Greaux, vice president of product management and services at PhishMe. “Our research shows that almost 60 per cent will fall for a well-designed phishing email – opening your systems to the criminals and hackers.”
PhishMe executive vice president Jim Hansen said that the survey also found that 41 per cent of respondents had no idea if their senior executives had been phished or not, and claimed that this was a case for training and building a fast and compelling theme that is straightforward.
Speaking at the Infosecurity Europe 2013 press conference in London, he said: “You need to get away from penetration testing and teach people, get them to be part of the program. The challenge is that they are passive, they walk past a poster and chats at lunch are not very effective.”