Phishing campaigns succeed primarily due to carelessness on behalf of employees, who might open unsolicited attachments or fail to double check a sender's address.
For cybercriminals, employees in a rush make for excellent targets, suggesting phishing threats lurking in the inboxes of furloughed employees could pose a significant threat.
According to a new survey from KnowBe4 and Censuswide, almost half of employees absent from work for a prolonged period want to sort their inbox as quickly as possible when they resume, in order to return to business as usual.
Only a third of those surveyed said they would make a concerted effort to crawl their inbox carefully to avoid potential threats.
Further, the majority of employees do not consider phishing a serious issue. Four in five believe they are able to spot phishing emails, despite lacking proper training, and half believe phishing is the IT team’s problem, and not their own.
According to KnowBe4’s Javvad Malik, if businesses are to remain safe, it’s paramount employees are provided with proper cybersecurity training.
“Individuals are often over-confident in their abilities to spot a malicious email. In the most recent 2020 Benchmarking Report, it was found that almost 40 per cent of untrained employees were likely to fall for a phishing email; a figure that continues to grow year on year,” he said.
“Without the necessary training, tied with a haste among employees to return to business as usual, organisations may very soon find themselves at the mercy of cybercriminals.”