Dive Brief:
- Unsuspecting workers open unknown files and click on questionable links when targeted by cybercriminals, according to new data from Positive Technologies (PT). For the report, "Social Engineering: How the Human Factor Puts Your Company at Risk," PT measured the success rate of common attacks by imitating attacker behavior: sending employees emails that contained links to websites, attachments and password entry forms.
- Test results show that employees not only routinely open unknown files and click on suspicious links, but also correspond with the attackers. Most of the employees who were tricked (88%) work outside of IT, but 3% of security specialists also fell for the lures.
- PT said cybercriminals exploit fear, hope, greed and other emotions to make their lures seem authentic, using subject lines such as "list of employees to be fired" or "annual bonuses" to elicit responses. To reduce the risk of social engineering attacks, PT said employers should hold regular training sessions that test how well employees follow security principles.
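The brief describes a phishing test but not how the results are scored. The Python below is an added example, not code from PT or HR Dive, of how an in-house simulation of the same kind can attribute opens, clicks, credential submissions and replies to individual recipients and roll them up by role, as the report does for IT versus non-IT staff. The recipient roster, event log, URLs, campaign secret and scanner user-agent list are all constructed for this example; the one subject line reused from the report is "annual bonuses". Two practitioner details are built in: each lure carries an HMAC-derived token rather than the recipient's address, and hits from mail gateways that pre-fetch links are discarded so they do not inflate the click rate.

```python
import hashlib
import hmac
from collections import defaultdict

# Hypothetical campaign secret for this example only. In a real exercise,
# generate it per campaign and load it from a secret store; never hard-code it.
CAMPAIGN_SECRET = b"example-campaign-secret-not-for-real-use"

# Constructed recipient roster: ids and roles are invented for this example.
RECIPIENTS = {
    "u1001": "finance",
    "u1002": "finance",
    "u1003": "hr",
    "u1004": "it",
    "u1005": "security",
    "u1006": "security",
}

# The actions the simulation records. Credentials typed into the fake form are
# never stored: the landing page only reports that a "submitted" event occurred.
ACTIONS = ("opened", "clicked", "submitted", "replied")

# User-agent fragments of mail gateways that pre-fetch links; their hits are not
# human clicks and must not be counted (assumed list, not from the PT report).
SCANNER_UA_MARKERS = ("linkscanner", "safe links", "urlscan")


def tracking_token(recipient_id: str, secret: bytes = CAMPAIGN_SECRET) -> str:
    """Opaque per-recipient token for the lure link and form.

    Keyed with HMAC-SHA256 so a recipient cannot forge or enumerate other
    users' tokens from a guessable user id, and so the email address never
    appears in the URL."""
    return hmac.new(secret, recipient_id.encode(), hashlib.sha256).hexdigest()[:16]


def build_lure(recipient_id: str, base_url: str = "https://portal.example.test") -> dict:
    """Assemble one lure email (subject theme from the report; URLs are hypothetical)."""
    tok = tracking_token(recipient_id)
    return {
        "subject": "Annual bonuses: confirm your details",
        "link": f"{base_url}/bonus?t={tok}",
        "form_action": f"{base_url}/login?t={tok}",
    }


def sample_events() -> list:
    """Constructed event log as the landing page and mail server would emit it."""
    t = tracking_token
    return [
        {"token": t("u1001"), "action": "opened", "ua": "Mozilla/5.0"},
        {"token": t("u1001"), "action": "clicked", "ua": "Mozilla/5.0"},
        {"token": t("u1001"), "action": "submitted", "ua": "Mozilla/5.0"},
        {"token": t("u1002"), "action": "opened", "ua": "Mozilla/5.0"},
        {"token": t("u1003"), "action": "opened", "ua": "Mozilla/5.0"},
        {"token": t("u1003"), "action": "clicked", "ua": "Mozilla/5.0"},
        {"token": t("u1003"), "action": "replied", "ua": "mail"},
        # A gateway pre-fetching the link sent to a security specialist: not a click.
        {"token": t("u1005"), "action": "clicked", "ua": "LinkScanner/1.0"},
        {"token": t("u1006"), "action": "opened", "ua": "Mozilla/5.0"},
        {"token": t("u1006"), "action": "clicked", "ua": "Mozilla/5.0"},
        # A token that matches no recipient (typo, tampering, or a scan of the host).
        {"token": "deadbeefdeadbeef", "action": "clicked", "ua": "Mozilla/5.0"},
    ]


def actions_by_recipient(events, secret: bytes = CAMPAIGN_SECRET):
    """Resolve tokens back to recipients; return {rid: set(actions)} and the
    number of events discarded (unknown token, unknown action, or scanner UA)."""
    index = {tracking_token(rid, secret): rid for rid in RECIPIENTS}
    taken = {rid: set() for rid in RECIPIENTS}
    dropped = 0
    for ev in events:
        rid = index.get(ev["token"])
        ua = ev.get("ua", "").lower()
        if rid is None or ev["action"] not in ACTIONS or any(m in ua for m in SCANNER_UA_MARKERS):
            dropped += 1
            continue
        taken[rid].add(ev["action"])
    return taken, dropped


def campaign_report(events) -> dict:
    """Fraction of recipients, overall and per role, who took each action."""
    taken, dropped = actions_by_recipient(events)
    groups = defaultdict(list)
    for rid, acts in taken.items():
        groups["overall"].append(acts)
        groups[RECIPIENTS[rid]].append(acts)
    rates = {
        group: {a: sum(1 for acts in lst if a in acts) / len(lst) for a in ACTIONS}
        for group, lst in groups.items()
    }
    return {"overall": rates.pop("overall"), "by_role": rates, "dropped_events": dropped}


if __name__ == "__main__":
    report = campaign_report(sample_events())
    for role, r in sorted(report["by_role"].items()):
        print(f"{role:9s} clicked {r['clicked']:.0%}  submitted {r['submitted']:.0%}  replied {r['replied']:.0%}")
    print("dropped events:", report["dropped_events"])
```

On the constructed log this reports half of finance clicking and submitting, the one HR recipient replying to the attacker, and half of the security specialists clicking, while the gateway pre-fetch and the unknown token are counted as dropped rather than as victims. The per-role split is the figure to watch over repeated campaigns; a single overall click rate hides which teams the next training session should target.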
Dive Insight:
PT's testing shows how easily unsuspecting employees can be lured onto fake websites or into giving away passwords. Employees are, for better or worse, an organization's first line of defense against cybercriminals, so the right training is key. As a 2017 Harvard Business Review study shows, hackers don't need complex technical skills to break into an organization's network; they only need trusting employees who will lower their guard and take the bait.
One important note: a Willis Towers Watson study found that 90% of cyber risks were the result of human error and 66% were caused by employees' negligence or malice. Only 18% of cyber breaches came from external sources. Employers need to be as vigilant about threats that originate inside the organization as about external ones.
HR can partner with IT to draft workplace security rules that are easy to understand and follow. Once employees are aware of the many schemes and tactics hackers use to get at vital information, employers can build a more solid cybersecurity strategy. That added protection also extends to customers, vendors and others who correspond with the organization.