Online Security - Educating Consumers From Email-Based Attacks



Email-based attacks are one of the most effective way cybercriminals use to obtain sensitive information from their target. A certain study conducted that, email message trick are extremely effective because a large number of people around the world cannot identify a sophisticated phishing email. This is because phishers are exceptional in imitating a business to trick their victim into giving out personal information. They usually target clients of reputable banks and online payment services to obtain bank details and financial information.

Conducted Phishing Email Experiment

In line with this, experts conducted an experiment in which a number of respondents were asked to spot some of the most common phishing scams from 38 emails laid before them. Half of the emails are legitimate messages and the other half were fraudulent emails. The respondents were then asked if they consider a certain email as a scam, what security measure they should perform if they were right, how certain they were with their decision and what they believe the effect would be if they became a victim of the phishing attack.

Although 75% of the phishing links were not clicked, the success rate of the study was only just over 50%. This is because several cautious respondents did not check the emails one by one and considered all 38 emails as phishing scams immediately. Which results in getting the majority of the phishing emails right. Experts say that those who made that move are people who are biased to think that all emails are phishing attacks and aren’t knowledgeable enough to differentiate a phishing email from a legitimate one.

This concludes that consumer education regarding phishing emails is significant in order to identify a phishing attack and its dire effect in real life situation. Experts suggest embedded training to tracked and determine the level of awareness of the general population on phishing attacks. Embedded training involves sending out bogus emails that educate a user about that particular type of scam message once clicked.

If you have any comments or questions regarding cybercrimes and how to improve the level of your security, please contact us.