The Percentage of Employees Clicking Phishing Emails Explains Much About Cybercrime
Have you been diligent about cybersecurity training with staffers? Are you confident that your staff isn’t going to fall for clever cybercriminal tricks? There’s just no way they’re going to interact with that obviously sketchy email, right? Wrong. Even though you’d think that everyone would be savvy about the risks that come from email-based threats, you’ll be shocked at how high the percentage is of employees still clicking phishing emails.
Yep, They’re Still Falling For It
In 2020, the combination of a global pandemic, economic uncertainty, and a whole world full of new remote workers created a solid payday for cybercriminals, resulting in a 85% overall increase in all categories of cybercrime for the year, including a more than 600% increase in phishing attacks. That’s just the tip of the iceberg – every category of phishing related threat from ransomware to business email compromise (BEC) was a growth industry in 2020 as well.
Your staff is receiving more phishing attempts than ever. While some will get caught by your secure email gateway, the sheer volume of email that your staffers are handling combined with pandemic stress means that your staffers are getting a lot more phishing email – and clicking on it.
It’s Worse Than You Think
The numbers don’t lie: employees are regularly getting and falling for phishing emails every day. In a recent study of North American staffers, experts discovered that:
- 67% of clickers (13.4% of overall users) submitting their login credentials, also up substantially from 2019, when just 2% submitted their credentials.
- The Public Sector and Transportation sectors struggled the most, posting a click rate of 28.4%.
- The Education and Finance & Insurance sectors performed considerably better than others, with click rates of 11.3% and 14.2%, respectively.
- Users in North America struggled the most with the phishing simulation, posting a 25.5% click rate and an 18% overall credential submission rate. This means that a little over 7 out of every 10 clickers willingly compromised their login data.
- Users in Europe exhibited lower click and submission rates of 17% and 11%, respectively.
The danger to your organization is real and it is growing. Employees at companies of any size in any industry are prime targets for cybercrime because they will click phishing email. Here’s how to fight back and transform your staffers from new cybersecurity risks into new cybersecurity team members.
The Pathway to Phishing Resistance Success
In just the first three months of 2020, workers were hit with 30,000 more “suspicious messages,” and a 667% increase in related spear phishing. Every message that one of your staffers receives could be the one that kicks off an expensive cycle of cybersecurity disaster. But you can reduce that risk with security awareness training that includes phishing resistance.
Training That’s Painless for Everyone
Customizable training materials including phishing simulation emails is incredibly important right now because spear phishing, powered by a vast amount of new Dark Web Data, is the biggest risk that your employees need to be ready to fight – a new phishing attack is launched every 39 seconds.
The Bottom Line: Facts Don’t Lie
There are a few more facts to remember as we process the dismal fact that 25% or more of employees are still falling for phishing. Like the fact that regular security awareness training including phishing resistance reduces your chances of suffering a damaging cybersecurity disaster by up to 70%. Or the fact that if you undertake training and refresh it at least quarterly for all of your users, it sticks.
As you kick off the new year, it’s also time to kick off a new commitment to fighting back against cybercrime like phishing – and of course, we’ve got your back. Set up a call with one of our cybersecurity solutions experts today to learn how Optistar can help affordably protect data and systems from today’s biggest threats.
–ID Agent