During the recent Phishing Benchmark Global Report, almost 20% of employees clicked on links within simulated phishing attacks.
The report, organised by Terranova Security and co-sponsored by Microsoft, measured user interaction with simulated phishing attacks. A substantial year-over-year increase in participating end-user click rates was revealed, and a significant inflation in the percentage of users who would have potentially compromised their login data had it been a real phishing attack compared to previous years.
The results of the report revealed that while 19.8% of employees clicked the link within the simulated phishing emails, 68% of clickers went on to enter their credentials into a fake landing page. That’s 13.4% of the employee base giving away their credentials!
This is a significant step up from previous tests (before the coronavirus pandemic) whereby only 11% of employees clicked the link and 2% entered their credentials.
“The results in the latest version of the Phishing Benchmark Global Report underscore the need for all organisations, regardless of size, industry, or geographic location, to implement both an ongoing security awareness training program and consistent, up-to-date phishing simulations to strengthen their data protection infrastructure,”
Spokesperson
Due to the coronavirus pandemic and almost everybody being forced to remain at home, there has been an increase in the adoption of remote-work policies, this has lessened the effect of technical data protection measures.
“This year’s report illustrates the growing need for security awareness training initiatives that utilise real-world phishing simulations as a practical educational tool, organisations must take these phishing bench-marking results seriously and take the necessary steps to ensure every user has the knowledge needed to safeguard against the latest and most complex cyber threats.”
Lise Lapointe – CEO, Terranova Security
The public sector and transport industry struggled the most with phishing, posting a click rate of 28.4% and a submission rate of 24.7%. The education and finance and insurance sectors performed better than other sectors, with rates of 11.3% and 14.2%, respectively.
Could your organisation fall victim to a phishing scam by one of your users clicking on a malicious link?
Find out in our Free Click-Prone® Test today.