Young people 18-25 years old are consistently more vulnerable to phishing attacks than those who are older, according to a new study by Wombat Security Technologies.
|Younger Internet Users Most Vulnerable To Phishing Attacks|
The study of 515 Carnegie Mellon University faculty, staff and students, involved sending participants fake spear phishing emails that contained a phishing URL. When they clicked on the fake phishing link, they were shown cartoons telling them about phishing and how to avoid similar spear phishing attacks in the future. All participants were sent a series of three legitimate and seven simulated spear phishing emails over 28 days.
The findings indicated people 18-25 were more likely to fall for phishing emails than older participants, though all age groups had high levels of vulnerability with the average likelihood of someone falling for a spear phishing attack at 46.4 percent.
The tools used in this study have been incorporated into Wombat’s PhishGuru service, an anti-phishing tool that allows organizations to train users by sending them fake spear phishing emails.
“This approach can be used to introduce users to new threats and train those who are most susceptible to phishing attacks,” said Dr. Norman Sadeh, CEO and co-founder of Wombat.
The study also showed that users trained with Wombat’s PhishGuru service retain knowledge even after 28 days, and adding follow-up training once a month decreases the likelihood of users falling for a phishing attack by 50 percent or more.