Study Finds Financial Institutions Less Likely to Fall for Phishing Attacks

Although there is a high risk for employees across industries to click on a suspicious link or email or obey a fraudulent request, employees at financial institutions are among the least likely to fall for such an attack.

That’s according to a recent study from the security awareness firm KnowBe4, which revealed that roughly 30 percent of employees across industries were likely to click on a suspicious link.

Employees at financial institutions were among the lowest risk to fall for such an attack. At banking institutions with less than 250 employees, 29 percent were initially considered high-risk, compared to construction companies at 38 percent, the industry that was the most at-risk.

However, training can help.

After 90 days of training, the study found that less than 10 percent of financial services employees fell for phishing attacks, and after a year it dropped to 1 percent.

The KnowBe4 report first established a baseline of employees, across 19 industries, who were likely to fall for a phishing attack. The company then conducted training and phishing security tests to determine how phishing awareness changed after three months and a year.