Employees are pretty good at spotting phishing emails
Although people are sometimes seen as a weak link in information security, a new report from F-Secure shows that a third of emails that employees report as suspicious are actually phishing.
The finding comes from an analysis of emails reported by employees from organizations around the world, using F-Secure's mail reporting plugin for Office 365, during the first half of 2021.
The most common reason given for reporting emails is a suspicious link, cited by 59 percent of users. 54 percent reported an email because of an incorrect or unexpected sender, and 37 percent because of suspected spam. 34 percent of users suspected the use of social engineering in an email, while seven percent reported because of a suspicious attachment.
99 percent of the reports received were automatically analyzed. Out of those, 33 percent were classified as phishing. Security professionals manually investigated the remaining one percent of reported emails and found 63 percent of those were phishing attempts.
"You often hear that people are security's weak link. That's very cynical and doesn't consider the benefits of using a company's workforce as a first line of defense," says F-Secure director of consulting Riaan Naude. "Employees can catch a significant number of threats hitting their inbox if they can follow a painless reporting process that produces tangible results."
While reporting suspicious messages can clearly help combat the phishing problem, there are downsides. For every reported email that a trained professional needs to investigate and respond to, Naude estimates the effort at anywhere from 15 minutes to an hour, depending on professional background and the complexity of the particular case.
The full report is available from the F-Secure site.