Up to 185,000 Irish office workers have fallen victim to a phishing scam
- New survey finds millennials (17%) were most often victims of a phishing scam compared to 6% of Gen X and 7% of Baby Boomers
- Almost half (48%) of generation X, those aged 42-54, have been targeted by a phishing scam – with spear phishing believed to be a major contributing factor
- 44% of Irish office workers aged 54 and over have clicked on links or attachments from an unrecognised email sender
- 20% of survey respondents have never received IT security and awareness training
Dublin, 17th December 2018 – Datapac, Ireland’s leading technology solutions and services provider, today announces the results of a survey, in conjunction with Sophos, a global leader in network and endpoint security, on the impact and awareness of phishing in the workplace. The survey1, carried out by Censuswide in October, found that 14% of Irish office workers – approximately 185,0002 people – have fallen victim to a phishing scam.
Phishing is a tactic used by cybercriminals which involves sending emails that appear to come from genuine sources, that encourage users to reveal confidential information, such as banking details or sensitive company data, which is then used fraudulently. Phishing can have a major impact on the victim and their company, with hackers gaining a foothold into the corporate system. This can lead to a breach of customer data, the loss of confidential company information, and could leave organisations vulnerable to fines under GDPR.
The survey findings reveal many significant differences in phishing awareness among different age groups in the Irish workplace. The survey found that millennials (aged 23-41) are the most confident age group in their ability to detect an email scam. Just 14% of millennials said they are not confident they could detect a fraudulent phishing email. This rises to 17% for generation X (aged 42-53) and to just over one-quarter (26%) for baby boomers (aged 54 and over).
Conversely, the findings also reveal that more than twice as many millennials (17%) have fallen victim to a phishing scam than members of generation X (6%) or baby boomers (7%).
Karen O’Connor, general manager, Datapac, commented: “Despite millennials’ confidence in their ability to spot an email scam, they were in fact found to have been victims most often. This confidence may stem from complacency and emphasises the need for employers to provide cybersecurity training and ongoing refresher training to ensure all staff remain alert.”
On the other end of the spectrum, senior employees are also regularly the focus of hackers attention, with almost half (48%) of generation X and 36% of baby boomers revealing that they have been targeted by a phishing attack.
Worryingly, 44% of baby boomers admitted to clicking on a link or attachment in an email from a sender they didn’t recognise – significantly more than millennials (34%) and generation X (26%). This unadvised cyber practice puts both individuals and organisations at a much greater risk of experiencing a data breach through phishing.
Dermot Hayden, Ireland country manager, Sophos, said: “At Sophos, we have seen a pronounced increase in instances of attempted spear phishing attacks – campaigns targeted specifically at C-Suite or senior level individuals who often have access to highly valuable financial and organisational information. If hackers can gain access to a company’s funds through this method, the financial loss could be disastrous, particularly for SMEs. It is crucial senior employees remain vigilant against these tactics.”
The survey also explored the extent to which employers provide IT security and awareness training to staff and, alarmingly, found that 20% of Irish office workers have never received such training. An additional 20% indicated they received training either less than once a year or only once during their induction.
Karen O’ Connor continued: “Phishing is not just a problem for the IT department to solve, but is an organisational issue requiring cross-department buy-in. Operational and HR teams play a crucial role in creating a culture of awareness. Under GDPR, organisations are obligated to put in place adequate safeguards for customer data, making this a key business concern. User awareness training should be provided on an ongoing basis in the same way as other vital employee training such as health & safety.”
“Cyber education delivered only at an induction level, doesn’t accommodate long-standing and senior employees, who, as the survey shows, are in most need of security refresher courses. Technology can play a part in addressing phishing in a cost-effective way by educating and testing all end users through automated attack simulations and continued interactive security awareness training. A chain is only as strong as its weakest link and, as attacks become more prevalent, businesses must make every effort to educate all employees on the very real threat of phishing.”
For more information of IT Security Services and Solutions from Datapac click here
1The online survey of 500 Irish office workers was carried out by Censuswide on behalf of Datapac and Sophos in October 2018.
2 Figure based on total Irish office workers as according to Q3 2018 statistics from the CSO
Sophos is a leader in next-generation endpoint and network security, and as the pioneer of synchronized security develops its innovative portfolio of endpoint, network, encryption, web, email and mobile security solutions to work better together. More than 100 million users in 150 countries rely on Sophos solutions as the best protection against sophisticated threats and data loss. Sophos products are exclusively available through a global channel of more than 30,000 registered partners. Headquartered in Oxford, UK, Sophos is publicly traded on the London Stock Exchange under the symbol “SOPH.” More information is available at www.sophos.com
"At Barretstown, we rebuild the lives of children, and their families, affected by childhood cancer and other serious illnesses. We serve 5,000 campers a year and have 1200 volunteers each year. Communication is crucially important and Datapac has helped us to streamline, improve and ensure efficiency."
"Datapac has provided us with a fantastic product and world-class levels of service and support. Whenever people ask me about our experience with Datapac I’m always ready to sing their praises and I would happily recommend their services to any organisation."
"For many years Datapac has been our sole supplier for the maintenance of Personal Computers and Peripherals in Ireland. Through their Service Centres in Wexford and Dublin, Datapac provides excellent support to our businesses throughout the country and consistently meets the SLA targets which we have set. The skill, expertise and experience of their engineers and other technical support personnel are of the highest standard."
“The value of dealing with an HP Gold partner in this process can’t be underestimated. Datapac provide us with a local touch and can cover the full range of our IT requirements, but when there is a specific technical requirement like this, they can bring the specialist technical resources of HP to the table. HP and Datapac had a thorough discussion with us around our requirement - and had really done their homework - and then were able to provide us with a very highly specified test platform for us to prove the application on before we committed to purchase.”
Datapac understands our needs and requirements and has the expertise and experience to follow through on all our requests. Our constant need to reduce costs has been assisted by Datapac's ability to suggest alternative solutions and methods whilst improving both efficiency and productivity. Our partnership with Datapac is akin to having an IT department on site that we simply could not provide ourselves.