Science and Tech

Phishing at work: who is most vulnerable?

A recent study has investigated which personality traits and moods make a person more likely to fall for a scam known as phishing, which in recent years has become one of the main dangers of all those who stalk us on the internet.

Phishing is tricking a person, for example through an email message that takes them to a website that mimics a legitimate one, in order to get money from the subject, often by having them supply sensitive credit card information. , bank account or similar, as a general rule introducing themselves to it as security personnel from the bank or other entity that needs to do a check, or with other false identities and other excuses, more or less elaborate and convincing.

The study was carried out by Cory Fallon’s team, from the US Pacific Northwest National Laboratory (PNNL).

The money lost due to phishing is a lot. According to some estimates, in the United States alone during 2021, and counting only large companies, approximately $14.8 million was lost.

Security measures to defend against phishing include not only better technology, but also increased awareness on the part of potential victims.

“The first step in defending yourself is to understand the complex constellation of variables that make a person susceptible to phishing,” Fallon says. “We need to unravel the factors that make people more or less likely to click on a questionable message.”

Although most, if not all of us experience stress at work, the study authors have identified a specific form of stress that indicates who is most vulnerable to falling for the phishing scam.

In their study, Fallon and his colleagues found that people who reported a high level of work-related distress were significantly more likely to follow the link in a phishing email. Each point increase in the reported distress level increased the probability of clicking the link in the phishing message by 15%.

Here, anguish is understood as the feeling that someone experiences at work when they feel that they are unable to carry out the task at hand and that this places them in a difficult situation. This feeling of inability to do the job may be because he feels that he does not have enough time or that he does not have the necessary preparation.

[Img #68988]

Workers who are feeling distressed are more likely to click on a phishing email, according to the new study. (Illustration: Timothy Holland / Pacific Northwest National Laboratory)

The findings in this study could help workers and their employers to increase the level of security against phishing, by adding one more strategy: monitoring mood and avoiding clicking links in messages when the anxiety is too high .

The study is titled “Phishing in the Wild: An Ecologically Valid Study of the Phishing Tactics and Human Factors that Predict Susceptibility to a Phishing Attack.” And it has been published in the academic journal Journal of Information Warfare. (Fountain: NCYT by Amazings)

Source link