More than half of all Australians who work in an office have had their personal data compromised by hackers, a new international study has shown.
Conducted by American-based cybersecurity company Webroot, the study found that 56 per cent of office workers had been the victim of a phishing scam – and of those who had their data stolen, only 30 per cent took the basic step of changing their password.
Compared to other established nations such as the US, the U.K and Japan, Australian workers are filled with false confidence despite having opened more suspicious links in text messages than their international counterparts, the report claims.
George Anderson, Product Marketing Director at Webroot, told 9news.com.au that while he was not surprised about the prevalence of the scams, he was shocked at how poorly Australians react.
“What was surprising was how little people do to protect themselves. They don’t change their passwords, they don’t seem to react to phishing scams, and that is surprising,” said Anderson.
“There’s a general attitude from office workers that somebody else should take responsibility for protecting their data. There’s definitely some strange psychology at work”
Anderson said Australians are amongst the most heavily targeted in the world, thanks largely to our unique time zone.
“We know Australians get heavily phished and a whole lot of activity happens there – Australia seems to cop the first wave of everything because office workers are often the first of the day to be online,” said Anderson.
“If people can get a hold of your credentials they can inject themselves into your emails and set up transactions, so even people you trust over email need to be viewed with suspicion if you’re getting requests to share personal data.
“People don’t realise just how exposed they are.”
According to the Australian Competition and Consumer Commission (ACCC), scams cost Australians more than half a billion dollars each year.
Just under half of all Aussie scams are conducted over the phone, while 23 percent come from email and 14.4 percent come from text messages.
One of the most concerning finds of the study, said Anderson, was how confident Australians were in their ability to spot a scam – despite being amongst the highest in the world to fall victim to hackers.
“Significantly more Australian workers compared to the rest of the world are aware that they have received a phishing message,” said Anderson.
“But there’s a complete overconfidence there – they were very narrow about where the real danger lied and where hackers were attempting to get to them.”
A whopping 91 percent of Australian office workers felt they could distinguish a phishing message from a genuine one, but only 53 percent correctly identified that phishing attempts could be made via phone calls, and even less understood how they could be scammed via text message and video chat.
Part of the hacker’s success is their ability to instil trust in unaware users – a tactic that is only growing in sophistication.
“We’re talking about hackers using what’s called ‘deepfake voices’ where they record the voice of a person or institution you trust and then use that to construct a phishing attack,” explains Anderson.
“And people share their information willy nilly online – and there’s ways for hackers to use that.
“If you’ve got a Facebook page or a Linkedin there’s ways phishers can scrape those profiles and understand the relationships within your work departments and at home.”
Scam warning surrounding the latest supermarket collectables
With millions of dollars, clients and private information at risk, Anderson says the stakes for businesses in protecting their data is higher than ever.
“All of us need to be suspicious about what we do online. We all want to be palatable and helpful to our co-workers and customers, but we need to value our own personal data higher than we currently do,” said Anderson.
“There’s different sensitivities to phishing scams across the generations too – baby boomers have a slightly different perspective on the risks online compared to millennials – and those who have grown up with technology tend be slightly more aware.”