Global site

The vulnerability of employees to cybercrime

Overview

When it comes to threats now and in the future, most businesses see human error as the core area of vulnerability with targeted attacks on staff via phishing, whaling and ransomware attacks being the most sensitive touchpoint. This assertion is consistently supported by all of the findings on data breaches that have already occurred.

“In the context of cyberpsychology, everyone thinks they are the equivalent of a cyber genius. In a study conducted at Friedrich-Alexander University, Germany, 78% of participants stated in a questionnaire that they were aware of the risks of clicking on unknown links, and yet, when sent a mock phishing email, 45% clicked the malicious link anyway.”

The Huffington Post

Key findings

8_catch-22_psychology-of-cybercrime-and-vulnerability-of-the-employee.png

Insights from RSM

Psychology plays a vital role within cybercrime. The cynical hacker’s success comes from a detailed study of human behaviour through the use of social engineering to understand what will trigger action and take advantage of our curiosity and propensity to trust. Ultimately, using social engineering, the hacker’s goal is to manipulate and deceive people into performing actions or divulging information such as passwords, bank account information, sensitive personal or commercial data, and they can even install malware on your computer.

It is vitally important staff are aware of the threats of cybercrime and know how to recognise a potential phishing, whaling or ransomware attack. We are seeing an increase in all of these methods of cyberattacks – which can result in significant operational disruption, financial loss and reputational damage.

The threat of human error is a key challenge for all businesses. The most important solution is ongoing user education and continually raising awareness.​