KnowBe4_Phishing_InfoGraphic_Q42017

Click on the Picture to download the full infographic in PDF format

Looking at the whole of , there were some interesting shifts on what was clicked from quarter to quarter. Usually there was a stand out for every quarter.

Over the course of the year, the top email templates clicked shifted each quarter for the general categories. The emphasis/most clicked at the beginning of the year in Q1 was on email and account updates.

The volume grew by nearly 50% the second quarter with the emphasis shifting to password changes and security alerts.

Third quarter saw a slight decline of top clicks by about 13% with the emphasis shifting to HR and health care.

And the fourth quarter saw a definite seasonal shift with 34% of templates clicked related to packages.

Social templates clicked remained relatively consistent with LinkedIn a clear stand out and jumping considerably up for Q4. This is typically when people wait to change jobs but start looking for jobs and connections as well.

The main take-away after looking through the is that people are *really* predictable.

There are basically 4 things that make people click:

  1. Promise of money: or threat of losing money
  2. Things that feed your hunger:  pizza in most instances, but also the Pumpkin Spice Latte (PSL) in Q4
  3. Threat of losing something : (non money related):  suspicious account activity, benefits, employment status
  4. curiosity: new contact request, new email, new file, you’ve been tagged in a photo, etc.

Organizations wanting to phish their employees can pull any of these levers and know that they are emulating the basic drivers can cause a 0;knee-jerk click1; reaction for phish prone employees. Similarly, criminals *already know* that these types of subjects will find the softest of targets and serve as an effective vector into an organization.


Free Security

Did you know that 91% of successful data breaches started with a spear-phishing attack?

Cyber-attacks are rapidly getting more sophisticated. We help you train your employees to better manage the urgent IT security problems of social engineering, spear-phishing and ransomware attacks. Take the first step now. Find out what percentage of your employees are Phish-prone with our free test. Did you know that also supports “Vishing” where you can actually send your users simulated voice mail attacks?

Get Your Free PST Now

PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser:

https://www.knowbe4.com/phishing-security-test-offer



Source link

LEAVE A REPLY

Please enter your comment!
Please enter your name here