The Extent of Social Engineering

Extent of Social EngineeringResearchers at NordVPN have published the results of a survey that found that 84% of Americans have experienced some form of social engineering, although only 54% have heard of the term “social engineering.” 85% percent of the respondents said they were aware of the term “phishing,” and 36% said they had fallen victim to a phishing email.

The researchers found that phishing emails are the most common form of social engineering attacks, followed by text message phishing (smishing) and voice phishing (vishing):

  • 48% – Suspicious emails with links and attachments and/or asking for their personal information
  • 39% – Suspicious texts with links and attachments and/or asking for their personal information
  • 37% – Pop-up advertisements that were difficult to close
  • 37% – Suspicious email(s) containing links, attachments or asking them to reply and divulge work/business information
  • 32% – Suspicious email(s) from someone posing as an important personal who was asking them to wire them funds
  • 27% – Suspicious voicemail(s) asking the recipient to divulge personal information
  • 26% – A virus on their computer or phone
  • 19% – Malware on their device that redirected them to a fake version of a website

NordVPN offers the following advice to help users recognize these types of attacks.

“The point of a social engineered attack is to get you to follow a link or sign up to something,” the researchers write. “The best way to recognize a socially engineered attack is to analyze the language of the message. Is the language desperate? Does the message imply there’s a time limit to whatever request it’s asking for? Does the message sound urgent? Remember that most banks will never text you and ask for your login credentials. In fact, any text message or email you receive that requests any kind of login details is probably best suited for the trash bin.”

New-school security awareness training can enable your employees to thwart social engineering attacks.

NordVPN has the story.

Free Phishing Security Test

Would your users fall for convincing phishing attacks? Take the first step now and find out before bad actors do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

PST ResultsHere's how it works:

  • Immediately start your test for up to 100 users (no need to talk to anyone)
  • Select from 20+ languages and customize the phishing test template based on your environment
  • Choose the landing page your users see after they click
  • Show users which red flags they missed, or a 404 page
  • Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
  • See how your organization compares to others in your industry

Go Phishing Now!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Subscribe To Our Blog

Ransomware Hostage Rescue Manual

Get the latest about social engineering

Subscribe to CyberheistNews