Security Awareness Training Blog

    Most Americans Can be Fooled by Fake Election Emails

    featured-image-real-v-fake

    The average American cannot reliably distinguish between fake and legitimate election campaign emails, according to a study by Valimail. In the weeks leading up to the US midterm elections, Valimail surveyed 1,079 US adults and found that, on average, respondents could discern the legitimacy of just 4.98 out of 11 emails.

    Only one respondent correctly categorized all 11 emails. Individuals over 65 were slightly better at identifying emails correctly than younger respondents, and Republican respondents scored marginally higher than Democrats. Overall, however, the results were fairly consistent across the board. Notably, respondents were more likely to fall for a fake email if the email purported to come from their preferred political party.

    “The results of this survey confirm what nation-states and bad actors have known for years: that email is incredibly vulnerable to impersonation, and is therefore a prime channel for spreading misinformation, malware, and fraud,” said Valimail’s CEO Alexander García-Tobar. “More concerning is the fact that consumers' trust in their public leaders and political candidates can be so easily abused for financial or political gain, when the tools to combat these types of attacks are readily available.”

    All of the fake emails used in this survey contained visible tells that could have been detected by careful observers. Valimail notes, however, that phishing emails are often visually indistinguishable from legitimate ones. Attackers can also use field-spoofing and lookalike domains to further their deception.

    While Valimail's study concentrates on election influence operations, there are broader principles in play here that any organization could apply. Employees need new-school security awareness training that uses real-world examples to teach them the red flags (PDF) to look for and techniques they can use to verify the authenticity of emails.

    Valimail's report is here: https://www.valimail.com/resources/report/real-vs-fake-email-test-results/

    Find out how affordable new-school security awareness training is for your organization. Get a quote now.

     
    Get A Quote
    Request A Demo
     

     

    Return To KnowBe4 Security Blog

    Topics: Security Awareness Training

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe To Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews