Best bite: Kaspersky reveals phishing emails that employees find most confusing

[Gandalf_The_Grey]

According to estimates, 91% of all cyberattacks begin with a phishing email, and phishing techniques are involved in 32% of all successful data breaches.

To provide further insight into this threat, Kaspersky analyzed data gathered from a phishing simulator, provided voluntarily by users[1]. Integrated into Kaspersky Security Awareness Platform, this tool helps companies check if their staff can distinguish a phishing email from a real one without putting corporate data at risk. An administrator chooses from the set of templates, mimicking common phishing scenarios, or creates a custom template, then sends it to the group of employees without pre-warning them and tracks the results. A large number of users clicking the link is a clear indication that additional cybersecurity awareness training is required.

According to recent phishing simulation campaigns, the five most effective types of phishing email are:

• Subject: Failed delivery attempt - Unfortunately, our courier was unable to deliver your item. Sender: Mail delivery service. Click conversion: 18.5%;
• Subject: Emails not delivered due to overloaded mail servers. Sender: The Google support team. Click conversion: 18%;
• Subject: Online employee survey: What would you improve about working at the company. Sender: HR Department. Click conversion: 18%;
• Subject: Reminder: New company-wide dress code. Sender: Human Resources. Click conversion: 17.5%;
• Subject: Attention all employees: new building evacuation plan. Sender: Safety Department. Click conversion: 16%.

Among the other phishing emails that gained a significant number of clicks are; reservation confirmations from a booking service (11%), a notification about an order placement (11%), and an IKEA contest announcement (10%).

On the other hand, emails that threaten the recipient, or offer instant benefits, appeared to be less “successful”. A template with the subject “I hacked your computer and know your search history” gained 2% of clicks, while offers for free Netflix and $1,000 by clicking a link tricked just 1% of employees.

Best bite: Kaspersky reveals phishing emails that employees find most confusing

Phishing simulator data from Kaspersky Security Awareness Platform shows that workers tend not to notice pitfalls hidden in emails devoted to corporate issues and delivery problem notifications. Almost one in five (16% to 18%) clicked the link in the email templates imitating these phishing attacks.

www.kaspersky.com

 

[silversurfer]

@Gandalf_The_Grey You may forgot to add the source link?

Best bite: Kaspersky reveals phishing emails that employees find most confusing

Phishing simulator data from Kaspersky Security Awareness Platform shows that workers tend not to notice pitfalls hidden in emails devoted to corporate issues and delivery problem notifications. Almost one in five (16% to 18%) clicked the link in the email templates imitating these phishing attacks.

www.kaspersky.com

 

[Gandalf_The_Grey]

@Gandalf_The_Grey You may forgot to add the source link?

Best bite: Kaspersky reveals phishing emails that employees find most confusing

Phishing simulator data from Kaspersky Security Awareness Platform shows that workers tend not to notice pitfalls hidden in emails devoted to corporate issues and delivery problem notifications. Almost one in five (16% to 18%) clicked the link in the email templates imitating these phishing attacks.

www.kaspersky.com

I posted it as news with a link, but my post got moved to Kaspersky without the link

 

[harlan4096]

Some forum sections have no source field, that's why when moved, that information is lost... so better to add the link also in the body of the post.

 

[Gandalf_The_Grey]

Some forum sections have no source field, that's why when moved, that information is lost... so better to add the link also in the body of the post.

Will do that next time.

 

[CyberNewbie]

Very informative. Thanks for sharing.