Two-thirds of employees in Germany have already clicked on unknown phishing links that potentially contain malware. These are usually pop-up ads, unknown websites, and QR codes. This curiosity carries significant risks, according to a study.
Why do employees click on links and content? The main reason: curiosity. Manipulated advertisements or fake shops can pose a major threat to companies. When surfing the internet, almost 70 percent of surveyed employees are careless and open dangerous content or scan unknown OR codes. Out of curiosity, they accept the risk of becoming victims of cybercriminals. This is confirmed by the recent study "Cybersecurity in Numbers" by G DATA CyberDefense AG, Statista, and brand eins. But careless behavior can also endanger a company's IT security.
Advertising
Perfect SME cybersecurity
How small and medium-sized enterprises defend against AI-led attacks with tailored security
The trap: Employees are often curious
The top risk is pop-up advertising, which lures users with fake competitions, for example. 31 percent of respondents said they click on pop-ups. The worst part: They can contain malware or lead to phishing sites. Almost as many people (29 percent) open unsafe websites disguised as legitimate offers. 22 percent of respondents scanned an unfamiliar QR code that could be manipulated and redirect to a fraudulent site. Only a third said they were cautious and not susceptible to any of the stated dangers.
"Cybercriminals also exploit people's natural curiosity to gain access to corporate networks – with potentially serious consequences," says Andreas Lüning, founder and CEO of G DATA CyberDefense AG. "Regular security awareness training raises awareness of these risks and makes employees an active part of the IT security strategy."
Advertising
Subscribe to our newsletter now
Read the best news from B2B CYBER SECURITY once a month
Expand for details on your consent
It goes without saying that we handle your personal data responsibly. If we collect personal data from you, we process it in compliance with the applicable data protection regulations. Detailed information can be found in our
Privacy Policy. You can unsubscribe from the newsletter at any time. You will find a corresponding link in the newsletter. After you have unsubscribed, your data will be deleted as soon as possible. Recovery is not possible. If you would like to receive the newsletter again, simply order it again. Do the same if you want to use a different email address for your newsletter. If you would like to receive the newsletter offered on the website, we need an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. Further data is not collected or only collected on a voluntary basis. We use newsletter service providers, which are described below, to process the newsletter.
CleverReach
This website uses CleverReach to send newsletters. The provider is CleverReach GmbH & Co. KG, Schafjückenweg 2, 26180 Rastede, Germany (hereinafter “CleverReach”). CleverReach is a service that can be used to organize and analyze the sending of newsletters. The data you enter for the purpose of subscribing to the newsletter (e.g. email address) will be stored on the CleverReach servers in Germany or Ireland. Our newsletters sent with CleverReach enable us to analyze the behavior of the newsletter recipients. This can include It is analyzed how many recipients have opened the newsletter message and how often which link in the newsletter was clicked. With the help of so-called conversion tracking, it can also be analyzed whether a previously defined action (e.g. purchase of a product on this website) took place after clicking on the link in the newsletter. Further information on data analysis by CleverReach newsletter is available at:
https://www.cleverreach.com/de/funktionen/reporting-und-tracking/. The data processing takes place on the basis of your consent (Art. 6 Para. 1 lit. a DSGVO). You can revoke this consent at any time by unsubscribing from the newsletter. The legality of the data processing operations that have already taken place remains unaffected by the revocation. If you do not want an analysis by CleverReach, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message. The data you have stored with us for the purpose of subscribing to the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and deleted from the newsletter distribution list after you have canceled the newsletter. Data stored by us for other purposes remain unaffected. After you have been removed from the newsletter distribution list, your e-mail address may be stored by us or the newsletter service provider in a blacklist if this is necessary to prevent future mailings. The data from the blacklist is only used for this purpose and is not merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR). Storage in the blacklist is not limited in time.
You may object to the storage if your interests outweigh our legitimate interest.
For more information, see the privacy policy of CleverReach at:
https://www.cleverreach.com/de/datenschutz/.
Data processing
We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.
Security awareness training strengthens the cyber resilience of companies
A successful IT security strategy considers not only technical security measures but also the human factor. Security awareness training provides employees with practical insights into the tricks used by cybercriminals and demonstrates the role that behaviors such as curiosity play in this process. Through the knowledge imparted, employees learn how to recognize risks such as compromised websites and QR codes and how to deal with the diverse threats.
More at GData.de
About G Data
With comprehensive cyber defense services, the inventor of the anti-virus enables companies to defend themselves against cybercrime. Over 500 employees ensure the digital security of companies and users. Made in Germany: With over 30 years of expertise in malware analysis, G DATA conducts research and software development exclusively in Germany. The highest standards of data protection are paramount. In 2011, G DATA issued a “no backdoor” guarantee with the “IT Security Made in Germany” seal of trust from TeleTrust eV. G DATA offers a portfolio from anti-virus and endpoint protection to penetration tests and incident response to forensic analyzes, security status checks and cyber awareness training to defend companies effectively. New technologies such as DeepRay use artificial intelligence to protect against malware. Service and support are part of the G DATA campus in Bochum. G DATA solutions are available in 90 countries and have received numerous awards.
Matching articles on the topic
