Research has found that 30% of users will click on suspicious links. Within this research it was found that a companies complete network security is at risk because one third of employees are still falling victim to phishing attacks.
Duo Security has a free tool which found these figures around the time of the RSA conference in March 2016. Across 400 companies and their 11,542 employees were tested by their IT teams, the IT teams sent out “phishing emails” to see who would fall for the trick. Of those tested, 31% opened the email and clicked on the link within the email. Were this a real phishing email as opposed to a test one it would potentially cause data breach for the company they work for.
Even though only a small amount fell for the “scam”, around two-thirds of employees recognised the link as potentially malicious, however this was not the point, according to the R&D engineer Jordan Wright at Duo Security.
“At the end of the day, what we see is that just one malicious email is needed for an attack to be successful,” Wright told IT Pro. “31% may seem low, but in reality, it is still a lot of people.” What these results showed was 31% is 3,578 people is an average of almost nearly nine per business.