Share this article on:
Despite increased awareness around cyber crime, one in three employees across Australia and New Zealand would click a suspicious link sent to them, according to a new report.
The annual Phishing report published by KnowBe4 found that 34.8 per cent of ANZ employees would click on a suspicious link, just a small jump from last year’s 34.5 per cent.
KnowBe4 calls this statistic its Phish-proneTM Percentage (PPP), i.e. the number of members of an organisation likely to fall to a phishing scam.
“[In Australia], as with previous years, phishing reigned supreme as the most successful attack vector for cyber criminals, with their highest success using ransomware, fraud, financial and identity theft, and business email compromise (BEC),” the report said.
“The Australian Cyber Security Centre (ACSC) Annual Cyber Threat Report received over 76,000 cyber crime reports or one report every seven minutes. This is a 13 per cent increase from the previous year, with 67,500 reports.”
This, according to the Australian Competition and Consumer Commission (ACCC), has had an economic impact of $526,292,444 in 2022, up from $323 million the year prior. The real loss figures are likely to be considerably higher, as these are only the reported scams.
KnowBe4 also unveils the industries with the highest PPP and the most likely to have their employees fall for a phishing scam.
“Across small and medium organisations, the healthcare and pharmaceuticals industry has the highest PPP of 32.3 per cent and 35.8 per cent, respectively,” says KnowBe4.
“Across large organisations, the insurance industry remains the most at risk for a second consecutive year with a PPP of 53.2 per cent, relatively unchanged from 2022.”
For context, Australia is comprised of 97.5 per cent small organisations, 2.3 per cent medium, and 0.2 per cent large organisations. There was a total of 2,569,900 organisations operating as of 30 June 2022.
KnowBe4 says the findings indicate that while there is an increased interest and awareness in remaining cyber safe, there needs to be an increased focus on social engineering and a greater knowledge that hacking isn’t a mess of numbers and code.
“An educated workforce forms a strong human firewall, which is key to practicing safe cyber habits and building a strong security culture,” said Jaqueline Jayne, Security Awareness Advocate APAC at KnowBe4.
Findings from Verizon’s 2023 Data Breach Investigations report reflect this need for education, as it revealed that 74 per cent of all breaches involved a “human” element.