INTELLIGENT BRANDS // Enterprise Security
Employees ’ tech habits posing a risk to APAC businesses
KnowBe4 , the provider of the world ’ s largest security awareness training and simulated phishing platform , has announced new research which has found more than half of APAC office workers ( 59 %) don ’ t believe using their work email for personal activity is a security risk to their employer .
Furthermore , less than four in 10 ( 39 %) say they always report suspicious emails and SMSs to the IT team responsible for cybersecurity . More than half ( 51 %) say they engage with suspicious emails and SMSs .
Almost half of APAC office workers ( 46 %) say they are not confident in identifying which emails are legitimate and which are scams , and 48 % feel the same way about identifying SMSs . However , when tested , that number fell even more with only 3 % able to correctly identify all the real and scam emails and SMSs .
Jacqueline Jayne , Security Awareness Advocate for APAC at KnowBe4 , said : “ The obvious first issue with this is that if APAC office workers are unable to identify scam emails and SMS Jacqueline Jayne , Security Awareness Advocate for APAC at KnowBe4
messages then they are at significant risk of getting phished or smished , risking both their security and that of their employer .
“ According to the ACCC , Australians lost a record AU $ 323 million to scams in 2021 ( up a massive 84 % from the previous year ). Meanwhile , 790 Singaporean victims fell prey to the recent OCBC smishing scam with a total loss amount of SGD $ 13.7 million , so the potential cost to APAC businesses is huge .”
In addition , more than one in 10 admit to using their work phone ( 14 %) and their work email address ( 11 %) for personal activities and more than one in three ( 34 %) APAC office workers admit to using the same password for more than one account .
Jayne continues : “ When employees are using their work email address for personal activities such as online shopping , they are much more likely to fall victim of a phishing attack that uses a hook such as delivery delays to entice the victim to click through .
“ Having a clear separation between work and personal activities makes it much easier to spot when an email is a scam – if you know you never shop online using your work email address then you know that email from Amazon can ’ t be real .” p
68 INTELLIGENTCIO APAC www . intelligentcio . com