A quarter of UK adults have been scammed online in the past, according to research conducted by the supplier Misco.
Apparently only a third can tell if an email is real or not, which might be the main problem.
In light of recent high-profile cyberattacks, Misco tested the nation’s ability to spot whether an email is real or fake. The research used screenshots of both real and fake emails and texts from banks, online money transfer services and Apple’s iCloud.
When asked to identify which of two near-identical emails – one real, one fake – was a genuine online account statement update from a bank account, 12 percent were fooled by the phishing email, believing it to be legitimate.
Those aged 16 to 24 were twice as likely to be duped, with 25 percent of this age group believing the fake email was genuine. Sixty-one per cent believed both to be fake, even though one was authentic.
Only 60 per cent of those surveyed could correctly identify another fake phishing email, this time a supposed security update from a bank. Sixteen percent believed the email to be authentic, while 24 percent admitted they were unsure as to whether it was real.
Afsar Chaudhury, Misco practice lead for network and security at Misco said: “We live in a digital age, where everything from our boarding passes to our bank accounts are accessed online. This makes it easier for hackers to gain access to our details, and this is shown in the increasing level of sophistication that goes into phishing emails.”
Chaudhury advised people to look out for certain clues, such as poor spelling or grammar, and high levels of impersonalisation to prevent phishing attempts.
“Services will never ask you to enter your details through a message, so avoid clicking those links or sending personal information in a message. We recommend using a different, secure password for each account you hold and changing them regularly, as this makes it harder for your accounts to be hacked. Regularly updating the security software on your computer can also stop any malware in its tracks, in case you do accidentally click through on a phishing link.”