Study examines people vulnerable to phishing attacks

Younger and older individuals had increased odds of clicking on phishing links, but gender was not associated with phishing susceptibility, BleepingComputer reports. A study from ETH Zurich and an unnamed company also revealed a higher likelihood of phishing victimization among people using specialized software for repetitive tasks, compared with those who did not require computers for daily tasks. Moreover, employees with continued phishing exposure were found to be eventually victimized, with 32.1% clicking on one or more malicious attachments or links, indicating the need for better email security and anti-phishing filters, according to the study. Researchers also found that while suspicious email warnings were effective in warding off phishing clicks, providing more detailed warning messages did not correlate with increased effectiveness. "[W]e found that the combination of simulated phishing exercises and voluntary embedded training (i.e., employees were not required to complete the training) not only failed to improve employee’s phishing resilience, but it actually even made employees more susceptible to phishing," said the study. However, the study showed the feasibility of a corporate-wide crowd-sourced phishing detection service in curbing phishing attack threats.