90% of workers in Britain cannot resist clicking on a web link
Posted on 20 November 2013.
90% of UK workers surveyed have clicked on a web link embedded in an email with two-thirds (66%) admitting they very rarely first check to ensure the link is genuine, according to Sourcefire.

Not only does this expose the individual to a high risk of an IT security breach, it potentially leaves companies open to a hack attack as cybercriminal gangs target individuals to gain access to corporate networks and sensitive data.

The study identified three types of clicking behavior:

Compulsive clickers: 46% of surveyed workers fall into the Compulsive Clickers category. According to the research, 24–30 year olds are most likely to click on an unverified web link with 60% admitting that they always or often click.

Cautious clickers: 44% of those surveyed are Cautious Clickers who only occasionally click on a web link sent to them and when they do, 23% of them will check to see if the link is genuine. The most cautious are those in the 55+ age rage (47%).

Never clicks: Only 10% of those surveyed are in the Never Clicks category who say they would never click on a web link received via an email.

Dominic Storey, technical director EMEA at Sourcefire said: “It’s frightening to see how easily users can be duped into clicking what looks like an innocent web link, but which can actually give a hacker full control over the user’s computer in a matter of minutes without the victim knowing a thing about it."

"For most organizations it’s a case of when they will be subjected to an IT security breach, not if. Professional cybercrime gangs are adept at social engineering using social media to develop a profile of an individuals’ interests and circle of friends to target them, often by pretending to be a friend or family member. They know often the easiest way into any corporate network is via the weakest link in the security chain of an organization – a staff member," Storey added.

The issue of identity has never been more pertinent as more people are now shedding their real-world identities online and adopting digital personas. This makes it tricky to know whether an email received is from a ‘real’ person or a fraudster masquerading as a friend.

The study also revealed that 92% of those surveyed are more likely to trust a web link in an email if it came from a trusted source, yet only 34% of UK workers would always take precautions to ensure that the link is genuine. Worryingly, 5% of the sample stated that they never check to see if a link is genuine and 10% have no idea how to check. Almost twice as many women as men admitted they did not know how to check the origin of a web link (13% versus 7%).

The study was carried out by independent research firm Opinion Matters between 25th September and 2nd October 2013 and sampled 1,106 UK workers.





Spotlight

Operation Pawn Storm: Varied targets and attack vectors, next-level spear-phishing tactics

Posted on 23 October 2014.  |  Targets of the spear phishing emails included staff at the Ministry of Defense in France, in the Vatican Embassy in Iraq, military officials from a number of countries, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //