Skip to main content

Nearly half of UK employees duped by online security threats, survey suggests

Cybersecurity experts helping a company protect from attacks
(Image credit: Getty)

New research has found that nearly half of employees (42 percent) based in the UK aren't able to spot a scam email (opens in new tab) pretending to be from Royal Mail.

The findings have been released by OpenText Security Solutions and highlight the continued lack of awareness surrounding common scams and cybersecurity threats.

With cybercriminal activity at an all time high, the survey underlines key issues that are catching out UK employees. It reveals that with the average business being targeted 28 times by cybercriminals in the last year alone, many employees are still oblivious to common threats.

For example, the findings indicate that many employees aren’t familiar with everyday cyber threats, with 50 percent admitting that they hadn’t heard of the term DDoS (distributed denial-of-service).

Related: The best data recovery software (opens in new tab).

Unaware of cyberthreats

Meanwhile, 60 percent said they had no knowledge of BEB (business email compromise). And, with nearly half (44 percent) of large organisations reporting network downtime lasting longer than one day due to phishing attacks, businesses are being advised to raise awareness of cyberthreats.

Survey findings revealed that over a quarter of employees in the UK (29 percent) have never completed any type of cyber risk awareness training. On top of that, seven-in-ten (70 percent) of employees said they would be worried about reporting if they’d compromised company security to their boss.

Matt Aldridge, principal consultant at OpenText Security Solutions comments, “Security awareness is critically important for all organisations, as the employee is always the first line of defence in cyber security.

There’s no use investing in sophisticated cyber security software if employees click on dangerous phishing links and grant cyber-criminals access to the business network or to confidential data. It’s like turning on a fancy home security alarm, but leaving a window open - you’ll be left playing catch-up after the bad guys get in.

To ensure cyber resilience, employees need to be educated on the latest risks as soon as they are discovered - whether that’s the Royal Mail scam or the multitude of other threats. Organisations can achieve this by using templated phishing simulations that are reflective of the latest emerging scams. 

These should be implemented alongside strong and robust communication to employees and adequate technical defenses, all of which will help to ensure cyber resilience.”

Find the best VPN software (opens in new tab).

Rob Clymo has been a tech journalist for more years than he can actually remember, having started out in the wacky world of print magazines before discovering the power of the internet. Since he's been all-digital he has run the Innovation channel during a few years at Microsoft as well as turning out regular news, reviews, features and other content for the likes of TechRadar, TechRadar Pro, Tom's Guide, Fit&Well, Gizmodo, Shortlist, Automotive Interiors World, Automotive Testing Technology International, Future of Transportation and Electric & Hybrid Vehicle Technology International. In the rare moments he's not working he's usually out and about on one of numerous e-bikes in his collection.