Corporate phishing scam spotting capabilities remain lacking

Cybernews reports that despite being confident in identifying phishing emails, 56% of workers and executives across the UK were not able to distinguish such scams from legitimate emails. Executives were more adept at separating legitimate emails from phishing messages but were slightly less capable of determining artificial intelligence-generated scams, compared with other employees, a survey from Dojo showed. Additional findings revealed that nearly half of the respondents failed to recognize either bogus Google alert emails or scam Dropbox messages, even with a phony URL used by the sender. Moreover, 57% were not able to discern a fake Google Sheets invitation. Such findings should prompt increased investment in corporate phishing training programs. "Not prioritising the protection of their data and capital can pose significant risks to the areas where investment is being placed," said Dojo Chief Information Security Officer Naveed Islam. Meanwhile, human error has been noted by City of London Police Cyber Protect Officer Daniel Houghton to be the most significant vulnerability in cybersecurity.