Over 30 percent of employees put their companies at risk by responding to phishing attacks
Phishing is one of the major security threats that enterprises now face, but according to new research from Duo Security users are putting 31 percent of organizations at risk of a data breach due to phishing attacks.
Based on feedback from the Duo Insight phishing simulation tool, the company finds that 31 percent of users clicked the link in a phishing email and worse still 17 percent entered their username and password, giving an attacker in a real-world scenario the keys to corporate data.
The goal of Duo Insight is to offer organizations of all sizes a free internal phishing drill system that allows them to simulate a phishing attack on their employees in five minutes. With the results of those simulations, administrators can identify potential security weaknesses and make the case for investing in stronger security solutions or better employee education.
“Our goal was to give organizations and administrators a tool they can use to educate their users,” says Jordan Wright R&D engineer at Duo Security. “It can educate users to help them identify phishing emails but also educate administrators in how exposed they are to phishing”.
Among Duo’s other findings are that 52 percent of people are using out of date browsers, putting them at risk from known vulnerabilities. Users with browsers that perform silent updates, Chrome for example, are much more likely to be running the latest version.
Using a series of templates to replicate real world phishing attacks, Duo Insight is available free of charge for businesses to check how vulnerable they are.
Source | betanews