14% of insurance workers failed a global phishing test, according to the latest edition of the Terranova Security Phishing Benchmark Global Report.
The report is based on user interaction with simulated phishing attacks. It revealed a substantial year-over-year increase in participating end-user click rates, and a significant spike in the percentage of users who would have potentially compromised their login data had the simulation been a real phishing attack.
“The results in the latest version of the Phishing Benchmark Global Report underscore the need for all organisations, regardless of size, industry, or geographic location, to implement both an ongoing security awareness training program and consistent, up-to-date phishing simulations to strengthen their data protection infrastructure,” Terranova Security said.
The COVID-19 pandemic has resulted in a spike in the adoption of remote-work policies. This has lessened the effect of technical data protection measures, Terranova said.
“This year’s report illustrates the growing need for security awareness training initiatives that utilise real-world phishing simulations as a practical educational tool,” said Terranova Security CEO Lise Lapointe. “Organisations must take these phishing benchmarking results seriously and take the necessary steps to ensure every user has the knowledge needed to safeguard against the latest and most complex cyber threats.”
The results of Terranova’s report revealed that nearly 20% of employees were quick to click on phishing email links – a significant spike from the 11% posted in last year’s report.
Other report highlights included:
- 67% of those who clicked on phishing emails (13.4% of overall users) submitted their login credentials.
- The public sector and transport industry struggled the most with phishing, posting a click rate of 28.4% and a submission rate of 24.7%.
- The education and finance and insurance sectors performed better than other sectors, with rates of 11.3% and 14.2%, respectively.