Four-fifths of business email users are unable to detect phishing scams, putting the enterprise at risk of cyber crime, security firm McAfee has warned.
According to the McAfee Labs Threats Report: August 2014, 79 per cent of those business users who were subjected to the McAfee Phishing Quiz failed to detect that at least one of the seven emails they were shown was a scam containing malicious links or malware.
Perhaps more alarmingly, the test appears to demonstrate that it's people in finance and HR departments - those parts of the organisation that hold some of the most sensitive corporate data - who are the worst at detecting such scams.
Clicking a link in a phishing email can lead to disastrous consequences for a business, enabling hackers to install malware or redirect users to compromised websites, potentially opening up the corporate network to attackers.
"As highlighted by our latest report, phishing continues to pose significant security risks for businesses and consumers alike," said Raj Samani, EMEA chief technology officer, McAfee, part of Intel Security, who warned that a lack of education about cyber scams is putting businesses at risk.
"More worryingly, perhaps, is the lack of education around how to spot a phishing email amid the many emails we're sent on a daily basis," he continued. But phishing is only a small drop in the wider security threat landscape, which is ever-changing and increasingly complex. It's no longer enough to react to threats as and when they happen."
Samani added that it's therefore important for organisations to ensure that through the use of both technology and education, they do their best to remain a step ahead of cyber criminals.
"One of the greatest challenges we face today is upgrading the internet's core technologies in order to make sure we're on the front foot rather than a step behind cyber criminals. Prevention is the way forward if we are to truly combat the array of threats we're seeing appear on a daily basis," he said.
McAfee tested 1,755 UK participants on their ability to detect phishing emails, with 79 per cent falling victim to at least one malicious link or message.
Earlier this year, LinkedIn users were warned about a phishing scam designed to persuade them to hand over log-in details as cyber criminals look to exploit every avenue possible for stealing information.