Researchers at Switzerland's ETH Zurich found that study participants aged 18-19 and those aged 50-59 are most likely to click on phishing links.
The researchers studied 14,733 people over 15 months to determine which employees fall for phishing schemes, how vulnerability evolves over time, the effectiveness of embedded training and warnings, and whether employees can help in phishing detection. Participants aged 18–19 were much more likely to click on phishing links and perform the dangerous action than any other age group; participants in the 50–59 age range were also more at risk. The researchers found that gender does not correlate with phishing susceptibility, and those using specialized software for repetitive tasks are more susceptible to phishing traps.
Further, 32.1% of participants clicked at least one dangerous link or attachment, and 30.62% of those who opened a simulated phishing email clicked on additional emails.
"We found that the combination of simulated phishing exercises and voluntary embedded training not only failed to improve employee's phishing resilience, but it actually even the made employees more susceptible to phishing," the researchers say in their published report.
View Full Article
Abstracts Copyright © 2021 SmithBucklin, Washington, DC, USA