Diligent said emails declaring a problem with an account or a new security measure tricked nearly 27 percent of respondents. Social media companies allegedly implementing new login procedures, credit card companies asking the user to open an attachment and verify account details, online merchants saying they've temporarily suspended an account, and even banks asking the user to "click here" to restore account access also duped a portion of respondents.
"When our survey respondents tried to spot a real email mixed in with the fakes, they were right more than 60 percent of the time. Still, that means that they flagged real emails as spam nearly 40 percent of the time - enough to do lasting damage to an account, friendship, or other important relationship. The lesson: Try to determine if the email really is spam before marking it as such," Diligent said.
The average score on the phishing test was 76%, which might be average in the classroom but doesn't quite cut it in fighting off scam artists.
Source: CSO Online
Sign up for CIO Asia eNewsletters.