As the year draws to a close, it leaves a record number of cyberattacks due in large part to the ongoing COVID-19 pandemic.
In particular, phishing attacks with a message related to the pandemic were one of the most popular threat vectors in 2020, with Google reporting over 2 million phishing sites in the year alone
However, a study by Atlas VPN warns that even more alarming is the fact that current security measures applied by organizations are inadequate to protect against this risk.
According to data acquired by Atlas VPN, one (19.8%) of every five employees fell for phishing emails even after having gone through security awareness training.
Out of the workers who clicked on these malicious links, 67.5% even provided their credentials to phishers. Surprisingly, the report concludes, awareness has not increased. On the contrary, data reveals the opposite trend.
Compared to 2019, the number of employees who clicked on a phishing link has increased by 77% going up from 11.2% in 2019 to 19.8% in 2020.
The report also refers to the surge in the number of employees who entered their credentials to phishers. While in 2019, only 1.8% of employees gave out their credentials during the phishing simulation, in 2020 this number increased by a whopping 644% to 13.4%.
When it comes to the global regions, workers in North America have the hardest time recognizing phishing attacks. At the same time, employees in South America and Europe are the most educated on the matter.
In terms of sectors, the public sector is the most vulnerable, with a total of 28.4% of employees clicking on a phishing link in an email
Transport industry, Services, Energy and Information Technology sectors follow in the list.