Employers told to prioritise security awareness amid increased cyber threats
Employees are more likely to become victims of HR-related phishing emails, a new report has found, which underscored how business-related frauds are gaining momentum.
KnowBe4's latest report, which it sourced from its phishing tests, found that employees are most likely to click on phishing emails with the following subjects:
"These attacks are effective because they could potentially affect users' daily work and cause a person to react before thinking logically about the legitimacy of the email," read the report.
It further shows the shift of phishing emails from personal to business matters, as personal-related subjects from social media fell off the list. The report also found that the top five attack vector types are:
Read more: FBI: Hackers target HR, payroll in phishing scam
The report comes amid the heightened threat of cyberattacks as more businesses go “virtual”. Previously, employers were warned against online payroll-related frauds and COVID-related scams. Stu Sjouwerman, CEO of KnowBe4, said it’s essential that employers train their employees on cybersecurity as threats become more sophisticated.
"As phishing emails evolve and become more sophisticated, it is imperative that organisations prioritise security awareness training for all employees, now more than ever," said Sjouwerman. "New-school security awareness training for employees helps combat phishing and malicious emails by educating users on what to look out for - it is the key to creating a healthy level of scepticism to better protect an organisation and build a stronger security culture."
