Phishing emails fool most employees. But is this their problem or email's?

[InfoSec News <alerts () infosecnews org>]

http://news.techworld.com/security/3543504/phishing-emails-fool-most-employees-but-is-this-their-problem-or-emails/

By John E. Dunn
Techworld
04 September 2014

More than a decade after phishing attacks became the standard way of 
getting around corporate defences, all but a tiny minority of employees 
still fall for this kind of email, a McAfee test of UK-based workers has 
found

After crunching numbers on 1,755 people who took the firm’s online 
Phishing Test, eight out of ten failed to spot at least one bogus email in 
seven with finance and HR departments among the worst performers.

Employees in more technical departments such as R&D were generally the 
best performers, with all types of workers particularly susceptible when 
spam emails included spoofed addresses.  Six out of ten people fell for 
UPS scams if the return address looked genuine while half were fooled by a 
similar tactic using an eFax notification.

“Phishing continues to pose significant security risks for businesses and 
consumers alike. More worryingly, perhaps, is the lack of education around 
how to spot a phishing email amidst the many emails we’re sent on a daily 
basis,” commented McAfee EMEA CTO, Raj Samani.

[...]

--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/