Five industries most vulnerable to phishing attacks
Large scale data breaches, like that Sony endured, are making headlines, but smaller phishing and spoofing scams can be just as prevalent.
Internet Security Awareness Training firm KnowBe4 conducted a phishing experiment among small and medium enterprises featured in the latest Inc. 500 and Inc. 5000. KnowBe4 used Inc.com to obtain domain names of the listed, and used a free data-gathering service to find publicly available email addresses. KnowBe4 then emailed a simulated phishing email with fake phishing link to employees at more than 3,000 companies. Individuals who clicked the link were directed to a landing page that informed them they had just taken part in phishing research. The emails were successfully delivered to about 29,000 recipients at 3,037 businesses; and in nearly 500 of those companies, one or more employees clicked the link.
KnowBe4 found that five industries in particular proved themselves to be vulnerable to cybercrime. Based on the percentage of companies in each of the 25 industries KnowBe4 emailed, the company says the following are the most phish-prone sectors:
- Travel – 25%
- Education – 22.92%
- Financial Services – 22.69%
- Government Services – 21.23%
- IT Services – 20.44%
“Any business that provides access to email or access to its networks via the Internet is only as safe from cybercrime to the degree that its employees are trained to avoid phishing emails and other cyberheist schemes. The more employees within an organization that use email or go online, the greater the risk of exposure to cybercrime,” said KnowBe4 founder and CEO Stu Sjouwerman in a statement.
You might also be interested in: Fines needed to help stem growing data breaches, Privacy Commissioner says
