- Knowbe4 questioned world employees
- Many confident people have also been victims in the past
- Education and transparency are essential to combat phishing, researchers said
Although they trust their ability to identify phishing, many employees are still falling into such scams, said new research.
A KnowBe4 report warns of “displaced confidence” which can cause even more problems for businesses, showing that almost all (86%) of respondents think they can identify phishing emails with confidence.
However, more than half (53%) were victims of a form of social engineering scams: 24% fell for a phishing attack, 17% were deceived by a scam on social networks and 12% were deceived by a Deepfake scam.
Great confidence often leads to victimization
Employees in South Africa open the way both in the highest levels of trust and the highest scams’ victimization rate (68%), explains Knowbe4, suggesting that the confidence in bad guys can create a false feeling of security.
At the other end of the spectrum are British employees, who declared the lowest victim rate of the lowest scam (43%). However, this figure is also down 5% compared to 2021, which indicates that vulnerability increases even in regions with historically high levels of trust.
The training is essential to combat phishing and social engineering, known as Knowbe4, adding that “promoting a transparent security culture” is just as important. While more than half (56%) of employees feel “very comfortable” by reporting security problems, 1 in 10 still hesitates, out of fear or uncertainty.
“The effect of Dunning-Kruger, which is a cognitive bias where people overestimate their capacity, is well alive in cybersecurity,” said Anna Collard, SVP content strategy and evangelist at Knowbe4.
“This excessive confidence promotes a dangerous blindness – employees assume that they are warned of the crooks when, in reality, cybercriminals can exploit more than 30 factors of sensitivity, in particular psychological and cognitive prejudices, gaps in consciousness of the situation, behavioral tendencies and even demographic traits.”
