58% of Spaniards have been the target of phishing attacks

He study ‘Ignorance is Bliss’ (‘Ignorance is happiness’) by Kaspersky on the attitude towards cyber security, carried out among a thousand Spaniards, reveals that 58% have received attempted phishing attacks. This practice is used by cybercriminals to obtain different credentials from their victims, with the aim of accessing bank or email accounts, among others. In addition, 15.5% admit to having been deceived.

Most phishing victims click on links from unknown senders – although they may come from known people who have also fallen for the scam – which redirect them to fraudulent websites and ask to enter personal information. For example, a very common situation is receiving an email that pretends to be the user’s bank asking for their passwords or personal data, warning that, otherwise, the account will be blocked. This is how they manage to get hold of the victim’s information. Specifically, the Kaspersky study reveals that the applications in which Spaniards are more likely to open links are the email (33%)y Whatsapp (21.5%) compared to direct messages on social networks (7%) or SMS (5%).

The study also reveals that 61% of those surveyed say they have some knowledge about cybersecurity. However, most make mistakes easy to avoid: more than half of phishing victims have not checked their device security settings (58%) or include personal information such as real name or social media location (55%).

Kaspersky experts also recall that cybercriminals also use the phishing technique to access corporate intranets and get hold of the data of companies and their customers. In this sense, the rise of teleworking has meant that corporate devices are connected to public networks or used more and more in the personal sphere. This, they warn, exposes organizations to threats such as Trojans, spyware, adware or phishing. If the malware ends up on corporate devices, attackers can access the corporate network and steal sensitive information, from trade secrets to other sensitive data. For this reason, it is important to train staff with basic notions of cybersecurity so that they are up-to-date with the main cyberthreats and know how to avoid them.

“Despite being aware of cyber risks, many people remain relaxed when it comes to their security, both at home and at work. This compromises the security of your personal data, but it can also put your job at risk.” explains David Emm, Principal Security Analyst at Kaspersky.

In this sense, he adds that “Most cyberattacks against corporate systems begin by tricking individual workers into taking an action that ultimately compromises the company’s security processes. We must be aware that our actions, individually, have consequences for us, but also for the company in which we work. For their part, organizations have a responsibility to educate employees, taking the time necessary to explain the types of threats that exist. Likewise, it is recommended that they establish clear security policies and plans and that they have measures to prevent attacks”.

It is essential to remember the importance of taking online security seriously and they share some recommendations to maintain privacy both personally and at work:

• Use strong and unique passwords for each account.
• Do not share personal information on the Internet.
• Be cautious when clicking on links or opening attachments in emails, especially from unknown senders.
• Use trusted security solutions and antiphishing technology, both on the devices and on the company’s servers.

More information