Despite daily news about cyber attacks targeting staff to get through companies’ boundaries, many office workers seem to be oblivious of the reality and how their actions impact their employers’ security. According to a survey of around 2,000 UK and US office workers conducted by security company Glasswall, 62% of employees admitted they do not check the legitimacy of suspicious attachments they receive from unknown senders. More worryingly, a further 15% said “they always or usually trust email attachments sent by people they have never even heard of”. Needless to say, such inattentive behaviour leaves companies open to external intrusion, with dangerous consequences.
Do not trust anybody – even your boss
Furthermore, the research delved into the actions taken by office workers when they receive emails from someone they do know – whether a colleague, a customer or a supplier. The picture doesn’t change – 83% claimed to “always or usually open attachments that accompany them”. Cyber criminals are aware of the social mechanisms established among colleagues and they know that by posing as someone their victim knows, they increase the chances of their scam succeeding.
Investing in staff awareness pays back
Many social engineering attacks and phishing scams cannot be stopped by technological solutions – how can you prevent your employees from clicking on malicious social media ads or speaking on the phone with someone who claims to be from HMRC? Technology has no power in these cases – so empower your staff! By investing in phishing awareness training, you equip your staff with knowledge, the most powerful tool to make them attentive and ready to fight phishing attacks.