Skip to main content

17% of Workers Fall for Social Engineering Attacks

posted onApril 10, 2018
by l33tdawg

In tests that imitated the actions of hackers by sending emails to employees with links to websites, password entry forms and attachments, 17% of the messages would have led to a compromise of the employee's workstation and, ultimately, the entire corporate infrastructure if they had been real.

In total, 3,332 messages were sent by cybersecurity firm Positive Technologies. The most effective method of social engineering turned out to be phishing emails: More than a quarter (27%) of recipients clicked the link, which led to a special website. Users often glance over or ignore the address, leaving them unaware that they are visiting a fake website.

“To make the emails more effective, attackers may combine different methods: A single message may contain a malicious file and a link, which leads to a website containing multiple exploits and a password entry form,” said Leigh-Anne Galloway, cybersecurity resilience lead at Positive Technologies. “Malicious attachments can be blocked by properly configured antivirus protection; however, there is no surefire way to prevent users from being tricked into divulging their password.”



Industry News

You May Also Like

Recent News

Monday, May 21st

Thursday, May 17th

Monday, May 14th

Tuesday, May 8th

Saturday, May 5th

Thursday, May 3rd

Wednesday, May 2nd