Social engineering and phishing are often the primary means by which attackers infiltrate modern corporate networks.
By using this non-technical method that relies heavily on human interaction, attackers try to trick employees into providing them with valuable information, or taking action needed for making a successful intrusion. This makes social engineering one of today’s greatest threats towards companies.
McAfee’s Phishing Quiz has revealed some interesting facts about business users’ ability to correctly detect phishing emails.
The quiz consists of 10 email messages presented in emulated email clients. Each of the email samples contains active functionality, with the obfuscation of personally identifiable information and malicious content where necessary. Respondents get asked to identify each sample as real or as a phishing attempt.
The results of the McAfee’s Phishing Quiz show that:
- 80 % of all test takers fell for at least one of the phishing emails.
- Responders working within Accounting, Finance and HR performed the worst.
- Responders working within IT and R&D performed the best.
- Spoofed email addresses were the most effective tactic in fooling respondents.