Linked: Large-scale phishing study shows who bites the bait more often
|

Linked: Large-scale phishing study shows who bites the bait more often

They had some interesting findings on gender (doesn’t matter) and age (young and older employees seemed more likely), but this is one that I think impacts a lot of what we do when it comes to protecting against phishing:

“An interesting finding in the ETH study is that employees who are continuously exposed to phishing eventually fall for it, as 32.1% of the study participants clicked on at least one dangerous link or attachment.”

Linked: You know how to identify phishing emails – a cybersecurity researcher explains how to trust your instincts to foil the attacks
|

Linked: You know how to identify phishing emails – a cybersecurity researcher explains how to trust your instincts to foil the attacks

And so, I wonder if those yearly, semi-annual, quarterly, video training would be a lot more effective if we also shared specific examples of people who got phished, and how they fell for it?

Like most things in life, it’s one thing to hypothetically know that something could happen, but it’s quite another to know that it did happen to someone we know. Someone just like us. That makes it so much more real in our minds, and it appears to make a huge difference in how users might approach phishing attempts.