Free Privileged Account Discovery Tool: Identify & secure credentials to stop lateral movement. Download Free

BeyondTrust
  • Products
    Privileged Password Management
    Discover, manage, audit, and monitor privileged accounts
    Password Safe DevOps Secrets Safe
    Endpoint Privilege Management
    Manage privileges on Windows, Mac, Linux, and Unix endpoints
    Windows and Mac Unix and Linux Active Directory Bridge
    Secure Remote Access
    Centrally manage and secure remote access for service desks and vendors
    Remote Support Privileged Remote Access
    BeyondInsight Analytics
    See All Solutions
  • Resources

    Universal Privilege Management

    Our innovative Universal Privilege Management approach secures every user, asset, and session across your entire enterprise.

    Watch Video

    Learn

    Case Studies
    Competitor Comparisons
    Datasheets
    Glossary
    Product Demos
    Whitepapers

    Attend

    Events
    Go Beyond
    Training
    Webinars

    Support

    Changelog
    Professional Services
    Technical Documentation
  • Blog
  • Partners
  • Contact
  • Support
  • Services
  • Training
  • Events
  • Company

Employees easy bait for phishing attacks

January 4, 2017

  • Blog
  • Archive

Office workers are putting organizations at risk by being overly trusting of online scammers, according to new research from global security software firm, Avecto.

After questioning 1,000 people whose jobs require them to use the internet on a daily basis, the company revealed 65% of workers would be wary of clicking a link in an email from an unknown sender. However, if that email appeared to be from a colleague, supplier, or friend over 68% would have no concerns about downloading content or clicking on links. This highlights a security risk that is often easily exploited by attackers who exploit human behavior to encourage employees to reveal confidential information or allow access into the wider business network.

The research also found a worrying level of security ignorance among respondents using social media. Over 37% of workers said they take no action to check or verify the identity of people they are connecting with online.

Avecto’s findings come as instances of phishing attacks reach new heights. It’s estimated that more than 90% of cyber attacks and resulting breaches in 2016 stemmed from a spear phishing email.

Andrew Avanessian, Vice President at Avecto, said:

“Social engineering and phishing isn’t a new phenomenon, it’s tried, tested and incredibly lucrative. What is surprising however is the ingenuity with which hackers will try and deceive their victims, finding new and ever more sophisticated ways of getting hold of personal information.

“These findings underline just how far we have to go before we can realistically eradicate these threats. User education is nowhere near where it should be and that, ultimately, is fatally undermining enterprise security. It’s often said that humans are the weakest link in the security chain and organizations must act now to plug this knowledge gap.”

Cyber security consultant and sociologist, Dr Jessica Barker added:

“People are susceptible to social engineering because these attacks exploit social norms and human nature, including reciprocity, curiosity and pride. As we become increasingly connected – at work, at home and intertwining the two – the opportunities and impacts of social engineering are increasing.

“Threats don’t just exist outside an organization, neither are they always perpetrated by some malevolent third party, sometimes they lie a lot closer to home.”

For more information on social engineering and how to make sure you don’t become a victim, catch up on Avecto’s webinar with Dr Jessica Barker or download the “Know your threats: Social engineering” report.

Kevin Franks

Marketing Communications Manager

Stay Up To Date

Get the latest news, ideas, and tactics from BeyondTrust. You may unsubscribe at any time.

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

You May Also Be Interested In:

Webcasts | February 09, 2021

Customer Webinar: Remote Support 21.1 Released!

Webcasts | February 24, 2021

Your PAM 2021 Blueprint: Securing Privileged Accounts for On-Premises and Cloud Assets

Whitepapers

Evolving Privileged Identity Management (PIM) In The 'Next Normal'

BeyondTrust Logo
  • Facebook
  • Twitter
  • LinkedIn

Keep up with BeyondTrust

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

Customer Support
Contact Sales

Products

  • Endpoint Privilege Management
  • Password Management
  • Privileged Remote Access
  • DevOps Secrets Safe
  • Remote Support

Resources

  • Blog
  • Case Studies
  • Competitor Comparisons
  • Datasheets
  • Glossary
  • Videos
  • Webcasts
  • Whitepapers

About

  • Company
  • Careers
  • Contact
  • Events
  • Leadership Team
  • Partner Program
  • Press

Languages

  • English
  • German
  • French
  • Spanish
  • Korean
  • Portuguese
  • Japanese
  • Privacy
  • Security
  • Manage Cookies
  • WEEE Compliance

Copyright © 1999 — 2020 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.