Security News > 2021 > December > Large-scale phishing study shows who bites the bait more often
A large-scale phishing study involving 14,733 participants over a 15-month experiment has produced some surprising findings that contradict previous research results that formed the basis for popular industry practices.
Instead, the study found that younger and older people are more prone to clicking on phishing links, so age is a key factor.
An interesting finding in the ETH study is that employees who are continuously exposed to phishing eventually fall for it, as 32.1% of the study participants clicked on at least one dangerous link or attachment.
"Interestingly, contradicting prior research results and a common industry practice, we found that the combination of simulated phishing exercises and voluntary embedded training not only failed to improve employee's phishing resilience, but it actually even the made employees more susceptible to phishing" explains the research paper.
These findings show that utilizing a corporate-wide crowd-sourced phishing detection service could significantly reduce the threat of phishing attacks.
Considering the central role that phishing continues to play in the entire spectrum of modern cyber-attacks, one owes to build upon these findings by experimenting further to develop more effective anti-phishing measures.