The Phish-prone percentage is determined by the number of employees who would click on a simulated phishing email link or open an infected attachment, as simulated by KnowBe4, the conductor of the study.
The overall rankings for the most phish-prone industries are:

| Industry | Phish-prone percentage |
| --- | --- |
| Insurance | 32.66% |
| Manufacturing | 30.99% |
| Technology | 30.09% |
| Not for Profit | 29.85% |
| Retail/Wholesale | 28.14% |
| Energy/Utilities | 27.89% |
| Healthcare/Pharma | 27.75% |
| Other | 27.39% |
| Education | 27.16% |
| Business Services | 26.74% |
| Financial Services | 26.29% |
| Government | 25.09% |

Phishing attacks prove time and time again to be one of the most effective forms of cyber-attacks. To put it in perspective, legitimate B2C marketing emails average a click-through rate of 2.4%. Legitimate B2B marketing emails receive an average click-through rate of 3.5%. Illegitimate phishing emails average a click-through rate of 13%! Users are five times more likely to click on a phishing email than a marketing email.
Don't believe it? Pine Cove is happy to set up a phishing email simulation for your organization.
There are basically two steps every organization should take to protect itself from the inevitable phishing attack. First, organizations need to train employees how to recognize phishing emails. Phishing emails can be hard to recognize, but there are some best practices that users need to know when evaluating whether or not an email is legitimate.
Second, it's safe to assume that no matter how much training you give, users will still fall victim to cyber-attacks and malicious emails. To secure their assets, organizations should invest in cyber-security software and hardware that will prevent a malicious infection from accessing those assets.