Vast majority of small businesses don’t recognise email phishing scams
The vast majority of SMEs do not recognise email phishing scams, according to new research from IT firm Conosco.
The IT services company found that 98% of firms polled – including some IT professionals – failed to recognise the hacking attempts included in a survey.
After testing senior staff from a range of sectors on their ability to spot email phishing attempts, just 6% managed to identify all of the fake emails.
Although 70% of individuals got more than half of the answers right, it means that firms are still exposed to a significant level of risk.
A lack of training and skills was highlighted as a major concern for firms during the Real or Steal challenge – a series of genuine and fake emails from a selection of different companies.
While 93% of those taking part correctly recognised that a PayPal email was not genuine, 63% of people failed to distinguish a fake email from LinkedIn.
A Symantec Internet Security Report from earlier in 2016 highlighted that phishing is a serious problem in the UK – indeed it was the most targeted nation for phishing attacks and ransomware in 2015.
Phishing scams could bring a range of financial costs to British businesses, while also having the potential to severely damage their reputation.
Not only can this result in lost sales, but it can also hit the bottom line of the business as it can cost a significant sum to correct the problem.
Some businesses may even fail to recover entirely, and be left facing administration or another form of insolvency as a result.
SMEs are a target for hackers given they often have reduced levels of IT skills, awareness and security when compared to major firms.
They therefore need to ensure that their IT systems are as secure as possible and those operating in the digital sphere need to invest constantly to ensure they have adequate protection in place.
Regular staff training can also help to boost awareness of the issue and should directly result in them taking more care with data and security.
By Phil Smith