New Research Shows Office Workers are Confident in their Ability to Detect Email Threats, Despite Continually Falling Victim to Scams
Intermedia releases 1st chapter of 3-part series
Everybody knows about the threat that hackers present to your data. But it’s your employees that present the bigger risk by unknowingly granting hackers access to your organization.
While 70% of employees say that their company provides regular cyber security risk training, the reality is office workers are lax on adhering to security best practices. Education efforts don’t extend far enough. Phishing scams are higher than ever, and office workers aren’t being properly trained to circumvent this exponential risk. As a result, a false sense of employee confidence is having financial ramifications on organizations of all sizes.
Research Reveals a False Sense of Confidence Among Office Workers with Phishing Scams Still on the Rise
In Intermedia’s 2017 Data Vulnerability Report, we surveyed 1,000+ full-time office workers at companies of all sizes to find out how workplace behaviors are impacting data security.
We’re releasing these findings as a 3-part series which looks at the impact and outcome these habits have regarding email breaches and threats, ransomware, and data loss, and what you should do about it.
Vulnerability by the numbers
Despite organizations educating employees about cyber threats and security best practices, office workers continue to fall victim to attacks – and not just entry-level employees. Owners/executives (34%) and IT workers themselves (25%) report being victims of a phishing email more often than any other group of office workers. Phishing is only getting worse as attacks become increasingly sophisticated and fool more and more employees into revealing critical company data. In fact, last year total phishing attacks surpassed 1.2 million – a year-over-year increase of 65%. And with the recent Equifax breach, there’s that many more names, birth dates, addresses, Social Security numbers, and driver’s license numbers out there to help scammers succeed.
Phishing attacks have dramatically increased, but education efforts have not
In addition, while 70% of office workers say that their organization regularly communicates with employees about cyber threats as a means of prevention, significant gaps between confidence and effectiveness remain:
- Security training is breeding a high level of confidence: 86% of office workers report that they feel confident in their ability to detect phishing emails.
- Yet phishing techniques still fool office workers: Roughly 1 in 5 employees (21%) admit to being victims of phishing emails, and those are just the employees who admit it. Nearly a quarter of Gen X office workers (23%) and Boomer-aged office workers (23%) say they have been the victim of a phishing email, compared to 17% of millennial office workers.
Comparatively, Intermedia’s 2015 Insider Risk Report found that 72% of office workers said they had received training on their company’s security practices, demonstrating that while the number of attacks has increased dramatically in the past two years, employee training has not.
That’s a top-level summary of our email breaches and threats data. Check out the full report on more insights, and sign up to receive alerts in the coming weeks as new chapters are added that focus on the financial implications of ransomware as well as data loss from employee actions.
Companies and partners alike need to offer their employees and customers a reliable, affordable and easy-to-manage solution to protect against these threats. Learn how the new anti-phishing features of Intermedia Email Protection do just that.