17% of Workers Fall for Social Engineering Attacks

In tests that imitated the actions of hackers by sending emails to employees with links to websites, password entry forms and attachments, 17% of the messages would have led to a compromise of the employee's workstation and, ultimately, the entire corporate infrastructure if they had been real. In total, 3,332 messages were sent by cybersecurity firm Positive Technologies. The most effective method of social engineering turned out to be phishing emails: More than a quarter (27%) of recipients clicked the link, which led to a special website. Users often glance over or ignore the address, leaving them unaware that they are visiting a fake website.