Many employees still click on shady links in emails and social media posts, despite knowing the risks, a new report from Mimecast claims.
Polling more than 1,000 employees worldwide for the report, Mimecast uncovered that while almost all (96 percent) claim to be aware of the fact that these links may be harmful, nearly half (45 percent) still open them from time to time.
To make matters worse, the same percentage refrains from reporting such emails to their IT security teams.
Mimecast's report also argues that employee cybersecurity training, when conducted, isn't always effective. Almost two thirds (64 percent) of respondents had received cybersecurity training related to working from home, yet some still click on high-risk links regardless.
“This research puts a spotlight on the fact that while there’s a good amount of awareness training being offered, the type of training or the frequency is completely ineffective,” said Michael Madon, SVP Awareness Training and Threat Intelligence at Mimecast.
Besides clicking on shady links, employees often engage in other forms of risky activity too. Ever since the lockdown began and remote working took center stage, many employees have used their personal devices for work, while others use work devices for personal matters.
“With everyone’s home becoming their new office, classroom and place of residence, it’s not really a surprise that employees are using their company-issued devices for personal use. However, better training is crucial to avoid putting the company at risk,” added Madon.
According to Mimecast, training needs to be short, visual and humorous in order to prove effective.