20% of Your Organization is Falling for Phishing Emails
In the spirit of all the ghosts and ghouls that creep through our inboxes every day, we posted a short quiz to see just how savvy our audience was at identifying phishing emails. The results are in and we cannot deny that we are slightly amused. We would like to thank everyone who participated, all 295 of you.
The beginning of the quiz separated each respondent into one of 3 groups:
- Absolute beginners
- Your average netizen
- Veteran security professionals
As expected, the veterans scored just a little bit better than everyone else, falsely identifying a phishing email just 16% of the time. Conversely, the newbies received bad marks nearly 32% of the time. The middle group marked wrong answers at an average of 21%.
But what is more…
Only 20 individual respondents walked away with a perfect score. Surprisingly, a single novice was among them.
Looking at the average of all three groups, it is interesting to note that all respondents failed 20% of the time. 20% of you have been the victims of a phishing email. That is a frighteningly high success rate for your average spammer. Most interestingly:
47% of all respondents falsely identified this email as a scam.
Email is the tried-and-true medium for spammers, and to know that they are still succeeding 20% of the time is a clear call to action for all those security and IT professionals out there. 20% of your organization is at serious risk of clicking on a phishing email today. What are you going to do about it?
Visit us Thursday for a primer on spoofing the email spoofers with FortiMail.
See our post from Raul Alvarez about how to spot a scam email: http://blog.fortinet.com/Scam-Email–Know-How-to-Spot-One/