Workers Ignore RisksWorkers Ignore Risks
UK workers know the risks, but they can't help clicking away
August 8, 2006
LONDON -- A survey into the habits of 142 UK office workers conducted by Finjan, the global provider of best-of-breed proactive web security solutions, has uncovered that although they know the security risk to their employers caused by clicking on web-links or opening attachments from unknown sources, they simply can't help themselves.
Of those questioned 93 per cent said that they knew that links, attachments, pop boxes and web pages could have spyware or other forms of malicious code embedded within them. However, 86 per cent admitted that they opened attachments and clicked on links without being sure if it was safe to do so.
With spam designers becoming increasingly ingenious in creating emails that encourage people to open web-links or attachments, another worrying finding of the survey is that 76 per cent of respondents opened what they assumed to be viral marketing files, such as 'funny' videos, jokes and web sites.
Yuval Ben-Itzhak, CTO at Finjan says: "They may think they are downloading a joke email or website but ultimately the joke could very easily be on them and it is not funny at all. Spam emails are making it increasingly difficult for employees to differentiate between genuine and hoax emails, but employers need to take responsibility and take action to protect their systems and data from spyware, viruses and other malicious codes. Clear security policies on what is acceptable and what is not (for example clicking on unknown, non-work related web-links, forwarding such emails to other employees, and opening non-work related attachments) must be supported with stringent security solutions."
About the Author(s)
You May Also Like
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023