Digital natives are more likely to open harmful phishing emails than their older colleagues, according to new data. Digital natives is a reference to people who have grown up under the ubiquitous influence of the internet and other modern information technologies. This term is normally reserved for the 18 to 39 year old demographic.
Phishing is when attackers attempt to trick users into doing ‘the wrong thing’, such as clicking a bad link that will download malware or direct them to a malicious website.
The differences between digital natives and other (older) workers comes from a study conducted by SoSafe. These findings appear to contradict the popular assumption that digitally-savvy young people are better able to recognise phishing scams.
The younger users recorded an average click rate of 29 percent whereas older users (aged 50 and over) are significantly more careful about opening emails, with an average click rate of just 19 percent.
This was based on an annual study on general phishing awareness, conducted by SoSafe and Botfrei, which provides demographic insights into the click behaviour of users. In 2021, over 1350 users took part, and received realistic phishing emails that had to be identified.
The SoSafe study demonstrates that cybersecurity awareness remains worryingly low, with around 31 percent of participants clicking on at least one simulated phishing email. This means that 1 in 3 attacks could have been successful.
The study also revealed that email subject lines most likely to generate a click were usually based on emotional manipulation, inducing pressure, anxiety or curiosity, and appealing to authority as well as financial desires.
There are also some demographic differences in that men tend to click on phishing links more often than women; nearly one in four male participants (23 percent) clicked on one of the phishing mails, compared to 20 percent of females.
Where a person works is also an additional factor for consideration. Here, public sector organisations (including critical infrastructure organisations such as hospitals) appear to be the most vulnerable to phishing attacks with a click rate of 36 percent. This contrasts with the average click rate in the manufacturing sector, which is only at 19 percent.
Dr Niklas Hellemann, CEO at SoSafe tells Digital Journal: “Today’s sophisticated cybercriminals deploy a broad set of psychological tactics that exploit human emotions like stress, fear or respect for authority – and our data highlights why awareness of the threat landscape plays an absolutely crucial role in cybersecurity culture.”
Hellemann adds: “Even – or especially – the ones with the highest digital literacy are vulnerable to digital threats. Investing in technological barriers is of course vital, but companies also need to act now to empower their teams to spot threats and react accordingly – otherwise tech alone is powerless to protect.”
