Home Articles Shocking Number of Employees Still Fall For Phishing Emails

Shocking Number of Employees Still Fall For Phishing Emails


As if 2020 was not stressful enough, the number of cybercrimes across all categories grew by 85%. After all, much of the world’s workforce transitioned to remote work, which meant there were thousands of new targets for hungry cybercriminals.

Among all of those cybercrime categories, you’re going to find a couple of leading ones, including but not limited to – phishing.

Phishing is one of the most concerning email threats that employees are dealing with daily. If you run a business, you should be aware that uneducated staff can easily push the whole thing downhill, especially regarding the lack of knowledge and education in terms of online security. Here’s why!

Employees and Phishing Emails

With so many new remote workers globally, we witnessed a 600% increase in phishing attacks throughout the last year. Such insane numbers have proven how easy it has become to trick anyone into doing anything via the internet. There are more phishing attempts happening than ever before, and a concerning number of employees are falling for them.

Since so many aspects of our lives shifted to the online world, we now deal with more daily emails than ever before. It’s understandable why employees easily get lost in such a massive amount of emails. After all, it’s easy to lose focus once you’re reading through hundreds of them per day.

All of this has made new remote employees vulnerable to phishing attacks, which are getting more and more sophisticated. Simple email provider filters and security solutions are no longer promising to keep phishing emails out of your inbox. Why? Because the new attempts are becoming more and more sophisticated and far more personalized.

A Common Issue At Work

The truth is certainly concerning – employees are falling for phishing emails all the time. In fact, 67% of clickers end up submitting their login credentials through fake sites they access via phishing emails. The problem hides in the fact that people are not fully aware of the risks that they can encounter through emails.

This lack of knowledge is not only putting their data and devices at risk but also bringing the security of their employer’s network in question. Think about it, if your company’s staff members are not properly educated on the topic of phishing and cybersecurity, they can be considered a potential threat to your business.

A single phishing email can collect enough information to allow hackers to slowly climb the security ladder and find their way to entire databases behind your security wall. The question is, what should you do about this?

What Should You Do?

If your organization is at risk because of the number of people working remotely, it’s about time to take some steps toward increasing security. Your best shot, in this case, is to do everything in your power to educate employees on the matters of online security and email phishing as one of the most common types of security threats.

Here are a couple of ways you can do so:

  • Hold a virtual meeting to discuss cybersecurity measures with your employees.
  • Provide resources to help employees learn about email phishing and understand how to protect themselves.
  • Create and follow a company policy document that will outline steps required in case of a potential security risk or attack.
  • Take a look at the security measures your employees are implementing and continue raising awareness in this direction.

However, keep in mind that mistakes can happen even if you do everything it takes to teach your employees how to recognize and avoid phishing threats. Human error is the most commonly exploited vulnerability in any security system.

The main issue with phishing attacks these days is the fact that they are becoming more and more personalized. Thus, recommend your employees use a VPN or virtual private network to secure their data and devices online. That way, they will be revealing less of their information on the internet and thus reducing the risks of becoming a phishing attack target.

The less data you give away online, the less likely you are to become targeted by cybercriminals and third parties who are exploiting such open-source intelligence.