We probably think we’re pretty savvy when it comes to identifying online attacks and phishing emails, Intel Security put us to the test and found us lacking: 97 per cent of respondents were unable to identify all the examples of phishing in their email security quiz.
Some 10 emails were compiled by Intel Security and 19,000 respondents from 144 countries were asked to identify which were legitimate, and which were phishing emails designed to steal personal information. Just three per cent were able to identify each phishing example correctly and 80 per cent misidentified at least one of the phishing attempts as legitimate, leaving them open to compromise and attack.
Cybercriminals are employing a number of different types of phishing email attacks. Usually mimicking a trusted business or personal sender, they’ll either try to get users to click to a website they’ve created to trick them into entering personal information such as user IDs and passwords or credit card information, or even using a link that, once clicked, unknowingly installs malware on the user’s PC.
When it comes to demographics, millennials will be disappointed to learn that the 35-44 year old age group was the top performing group with 68 per cent accuracy. On average women under age 18 and over age 55 did worst, while men did slightly better than women at 67 per cent to 63 per cent.
Canadians were ranked 26th overall out of the 144 participating countries, with France, Sweden, Hungary, the Netherlands and Spain topping the list for ability to detect phishing.
The email sample most identified as phishing was actually legitimate, with the offer for the recipient to take action and “claim their free ads” drawing suspicion – sometimes there is such a thing as free lunch, even if we don’t see it often anymore.
“Phishing emails often look like they are from credible sites but are designed to trick you into sharing your personal information,” said Gary Davis, chief consumer security evangelist at Intel Security, in a statement. “Review your emails carefully and check for typical phishing clues including poor visuals and incorrect grammar, other clues which may indicate that the e-mail was sent by a scammer.”