In 2022, Kaspersky blocked 507 million user attempts to follow malicious phishing links. During testing carried out among employees in the Middle East, Turkiye and Africa region, employees most often fell victim to scam emails with claimed corporate announcements about the dress code (20,2% clicked), about account blocking (9,3% of trainees clicked the link), and fake recruiting announcements (5,1% clicked). These are the results obtained in 2021-2022 from the phishing simulator built into the Kaspersky Automated Security Awareness Platform (KASAP).
After analysing the results of employee cybersecurity trainings and tests, it was found that employees from the Middle East and Africa were more likely to fall victim to phishing than those from other regions – Europe, North and South America. 14,7% of employees from the Middle East and 11% of employees from Africa failed the phishing test. The APAC region was even further behind – here 15,6% of trainees failed the phishing test.
Over 2021-2022 in the Middle East, Turkiye and Africa region, the most popular topics for personnel cybersecurity trainings were safe email usage (e.g., singling out suspicious links, figuring out what is scam) and how to set secure passwords. These trainings were selected by over 70% of employees who passed the trainings. Other popular training topics included mobile device security, social media account security, and endpoint workstation protection. The course on data confidentiality was the least popular one.
“While the world of tech is advancing rapidly, people’s skillset often lags behind. As it turns out, the majority of employees globally need basic cybersecurity training. In our recent testing, which was carried out using Kaspersky Gamified Assessment tool, just 11% of 3,907 employees proved to have a high level of cybersecurity awareness. The so called ‘human firewall’ is often the weakest link in the cyber protection of an organisation,” says Svetlana Kalashnikova, Product Manager for Services & Education at Kaspersky.
“Companies should invest not only in traditional cybersecurity solutions that can be installed on corporate systems, but also in employee training. And before one can get trained, his cyber skillset should be assessed. The Gamified Assessment Tool is included in the ‘engagement phase’ of Kaspersky Security Awareness Portfolio. It precedes the training stage in the Kaspersky Automated Security Awareness Platform, allowing employees to get a clearer motivation for learning and helping organisations find out which educational program best fits their workers’ specific needs.”
To learn more about Kaspersky Security Awareness portfolio, please follow this link.
To avoid scams, keep personal and corporate data private and save funds, Kaspersky experts recommend: