A poll of 1,000 office workers across the UK showed that nearly 60% of UK office workers receive phishing emails every day and 6% receive more than 10 a day.
Phishing is a method used by fraudsters to access valuable personal details, such as usernames and passwords.
The study, carried out by anti-phishing training firm PhishMe, shows how many phishing emails are successfully bypassing technical controls and end up in users inboxes.
Scott Greaux, at PhishMe said “Nearly 60% of employees receive phishing emails every day, so clearly technical controls are failing to stop these messages as they pass through the system. “They end up in users’ inboxes and, for many companies, it is purely down to luck if that employee responds,”
Greaux said many users could click on a link or open an attachment and then carry on working, without being fully aware of the implications of their actions.
What to look out for and what you should do if you receive a phishing email
Be aware and pro-active: When responding to emails or phone calls, never give your login or personal details. If you receive an email from a company that claims to be legitimate but is requesting these details, or a contact number tell them you will call them back. Use a contact number for the organisation that you have sourced reputably. Speak to them directly to confirm that the message is genuine
Use your spam filter: If you detect a phishing email, mark the message as spam and delete it. This ensures that the message cannot reach your inbox in future.
Know your source: Never respond to a message from an unknown source. Take care not to click any embedded links. Phishing emails are sent to a vast number of randomly generated addresses. However, clicking embedded links can provide verification of your active e-mail address. Once this occurs it may facilitate the targeting of further malicious emails. Even “unsubscribe” links can be malicious. Ensure that the e-mail is from a trusted source and you are, in fact, subscribed to the service.
Read more about the fraud on the Phishme website.
Please note: Action Fraud is not responsible for the content on external websites.
To report a fraud, call Action Fraud on 0300 123 2040 or use our online fraud reporting tool.