1. Sales & Marketing
  2. Finances
  3. Your Team
  4. Technology
  5. Social Media
  6. Security
Product and service reviews are conducted independently by our editorial team, but we sometimes make money when you click on links. Learn more.
Grow Your Business Security

Which Employees Are the Biggest Security Risk?

hacking . / Credit: Email Hack Image via Shutterstock

Employers now have a better picture of the characteristics that make people more susceptible to security breaches.

A new study that's scheduled to be presented at the upcoming International Human Factors and Ergonomics Society's annual meeting describes specific behavioral, cognitive and perceptual attributes of email users who are vulnerable to phishing attacks.

Specifically, the researchers found that people who are overconfident or introverted, and women, are less likely to accurately distinguish between legitimate and phishing emails. Phishing is the use of fraudulent email correspondence to obtain passwords and credit-card information, or to send viruses.

[The Other Victim of Cyberattacks]

"The results showed a disconnect between confidence and actual skill, as the majority of participants were not only susceptible to attacks but also overconfident in their ability to protect themselves," said the study's author Kyung Wha Hong, a North Carolina State University Ph.D. candidate.

As part of the study, participants were given a personality survey and then asked to scan through both legitimate and phishing emails. They were instructed to delete suspicious or spam emails, leave legitimate emails as is and mark emails that required actions or responses as "important."

Hong found that although 89 percent of the participants indicated they were confident in their ability to identify malicious emails, 92 percent misclassified phishing emails. In addition, 52 percent of participants misclassified more than half of the phishing emails, and 54 percent deleted at least one authentic email.

The results revealed that women were less likely than men to correctly label phishing emails, and subjects who self-reported as "less trusting, introverts or less open to new experiences" were more likely to delete legitimate emails.

Hong said she plans to continue developing a user profile that can predict when and with whom phishing attacks are likely to be successful, in order to design effective tools to prevent and combat them.

Follow Chad Brooks on Twitter @cbrooks76 or BusinessNewsDaily @BNDarticles. We're also on Facebook & Google+.

Chad Brooks

Chad Brooks is a Chicago-based writer and editor with nearly 20 years in media. A 1998 journalism graduate of Indiana University, Chad began his career with Business News Daily in 2011 as a freelance writer. In 2014, he joined the staff full time as a senior writer. Before Business News Daily, Chad spent nearly a decade as a staff reporter for the Daily Herald in suburban Chicago, covering a wide array of topics including local and state government, crime, the legal system and education. Chad has also worked on the other side of the media industry, promoting small businesses throughout the United States for two years in a public relations role. His first book, How to Start a Home-Based App Development Business, was published in 2014. He lives with his wife and daughter in the Chicago suburbs.