Digital natives more likely to fall for phishing attacks at work than their Gen X and Boomer colleagues

3 years ago 293

SailPoint survey finds that younger workers besides are much apt to usage institution email addresses for online buying and subscriptions.

Email / envelope with achromatic  papers  and skull icon. Virus, malware, email fraud, email  spam, phishing scam, hacker onslaught  concept. Vector illustration

Image: Vladimir Obradovic, Getty Images/iStockphoto

A caller Trust Issues survey recovered that Gen Z and Millennials should travel the illustration acceptable by their elders to make amended cyber hygiene habits astatine work. This SailPoint survey asked 500 U.S. workers astir however they usage email and woody with phishing attacks.

The survey asked however respondents reacted to a suspicious looking email with a nexus oregon an attachment. Forty-six percent of Gen Z respondents said they would unfastened the nexus oregon attachment, compared to conscionable 1% of Boomers, 4% of Gen X and 29% of Millennials who besides would instrumentality the bait.

Sailpoint CISO Heather Gantt-Evans said integer autochthonal generations person a antithetic comfortableness level with what they prosecute with and station online, compared to radical who tin retrieve the days of dial-up oregon adjacent nary net entree astatine all. 

"Spending the bulk of their clip watching, tapping and swiping, integer natives are apt to person much identities oregon accounts — societal media, emails, streaming accounts, etc. — and each of those identities apt has hundreds if not thousands of followers, making those types of accounts a atrocious actor's dream," Gantt-Evans said. 

The survey recovered that a bulk of Gen Z (77%) and Millennials (55%) respondents usage firm email addresses for their societal media logins, compared to conscionable 15% of Gen X and 7% of Boomers. Almost 30% of each workers said they usage their institution email for online shopping. 

SEE: 10 ways ransomware attackers unit you to wage the ransom

Gantt-Evans said utilizing firm email for idiosyncratic concern tin make introduction points for atrocious actors into firm infrastructure. 

"If credentials are compromised and a firm relationship is taken over, the fallout from that constituent could beryllium catastrophic," she said. "Once menace actors are capable to unfastened a doorway, they tin rapidly found footholds, harvest information and deploy malware."

Using a enactment email for societal media oregon streaming accounts tin beryllium a atrocious prime for the worker too, Gantt-Evans said.

"If you alteration jobs, and you person attached your enactment email to idiosyncratic accounts, if those accounts go compromised, relationship betterment volition beryllium overmuch harder, if not impossible, arsenic those email addresses apt nary longer exist," she said. 

Gantt-Evans said that the champion mode to fortify cybersecurity is to travel basal cyber hygiene practices portion besides readying for falling victim. 

Gantt-Events recommends implementing the pursuing tactics to mitigate the hazard of phishing and different communal attacks: 

  • Limit Remote Desktop Protocol usage and guarantee it is down VPN with MFA
  • Establish email hygiene, browser isolation and endpoint detection and effect capabilities 
  • Conduct regular phishing consciousness grooming with regular phishing tests
  • Use "external" markers successful the taxable enactment for emails from extracurricular the enactment
  • Add a phish study fastener to email clients
  • Patch each bundle successful a timely mode and guarantee bundle centers and aureate images person up-to-date versions

The marketplace probe institution Dynata conducted this survey of 500 U.S. workers employed by companies with 2,500+ employees connected behalf of SailPoint.

Cybersecurity Insider Newsletter

Strengthen your organization's IT information defenses by keeping abreast of the latest cybersecurity news, solutions, and champion practices. Delivered Tuesdays and Thursdays

Sign up today

Also spot

Read Entire Article