/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
Follow UsBRACKNELL, UK: New research commissioned by Sourcefire, cyber security solution provider and now part of Cisco, has revealed that 90 per cent of UK workers surveyed have clicked on a web link embedded in an email with two-thirds (66 per cent) admitting they very rarely first check to ensure the link is genuine.
Not only does this expose the individual to a high risk of an IT security breach, it potentially leaves companies open to a hack attack as cybercriminal gangs target individuals to gain access to corporate networks and sensitive data.
Dominic Storey, technical director EMEA at Sourcefire said: "It's frightening to see how easily users can be duped into clicking what looks like an innocent web link, but which can actually give a hacker full control over the user's computer in a matter of minutes without the victim knowing a thing about it."
The study identified three types of clicking behaviour:
- Compulsive Clickers: 46 per cent of surveyed workers fall into the Compulsive Clickers category. According to the research, 24-30 year olds are most likely to click on an unverified web link with 60 per cent admitting that they always or often click.
- Cautious Clickers: 44 per cent of those surveyed are Cautious Clickers who only occasionally click on a web link sent to them and when they do, 23 per cent of them will check to see if the link is genuine. The most cautious are those in the 55+ age rage (47 per cent).
- Never Clicks: Only 10 per cent of those surveyed are in the Never Clicks category who say they would never click on a web link received via an email.
"For most organisations it's a case of when they will be subjected to an IT security breach, not if. Professional cybercrime gangs are adept at social engineering using social media to develop a profile of an individuals' interests and circle of friends to target them, often by pretending to be a friend or family member," added Storey.
Misplaced trust
The issue of identity has never been more pertinent as more people are now shedding their real-world identities online and adopting digital personas. This makes it tricky to know whether an email received is from a ‘real' person or a fraudster masquerading as a friend.
The study also revealed that 92 per cent of those surveyed are more likely to trust a web link in an email if it came from a trusted source, yet only 34 per cent of UK workers would always take precautions to ensure that the link is genuine.
Worryingly, 5 per cent of the sample stated that they never check to see if a link is genuine and 10 per cent have no idea how to check. Almost twice as many women as men admitted they did not know how to check the origin of a web link (13 per cent versus 7 per cent).
The study was carried out by independent research firm Opinion Matters between 25th September and 2nd October 2013 and sampled 1,106 UK workers.
"On a positive note, this survey shows that nearly one third of UK workers are checking the web link is genuine by hovering their mouse over the link so clearly the message is beginning to get through," concludes Storey.