Avira/Statista survey that found 31% of regular employees would open a phishing email – but only 9% of the IT staff would.
The pen test results show that a defense against phishing emails has two sides: a technical side – with ways to filter out incoming malware and phishing attempts – and also a human side – with a near-constant need to educate people what to do or not do with suspicious emails.
The penetration test also found other issues at the agency such as out-of-date encryption protocols. However, correcting “short circuits between the headphones” made up two of the final report’s three main points – employee education and further pen testing. Remember, if the email looks odd — use your head and have a good and up-to-date antivirus at hand.