Phishing scams and emails are on the rise. The FBI has issued warnings, and here at Komando.com, we've told you the best ways to avoid them, time and time again.
But despite pleas from experts and even the FBI, half of us simply don't listen, even if we know better. At least, that's what a new study from Friedrich-Alexander University found.
How the study worked
The study sent two different versions of fake spear phishing emails and Facebook messages to 1,700 college students. One email version targeted the students by their first name, while the others were addressed to nobody.
Meanwhile, the same goes for the Facebook messages, but it's important to note that those messages were sent from fake Facebook users that were given the 10 most common names on the site for their age group.
In both examples, the messages encouraged recipients to click on and view photos from a New Year's Eve party that was, at the time of the study, one week prior. When students clicked on the links, they were taken to an "Access Denied" page.
They're not pretty, but they could be worse.
- 56 percent of email recipients addressed by name clicked.
- 37 percent of Facebook message recipients addressed by name clicked.
- 20 percent of email recipients not addressed by name clicked.
- 42 percent of Facebook message recipients not addressed by name clicked.
Curiosity. Apparently, these kids have never heard the saying "curiosity killed the cat."
A whopping 78 percent of the students surveyed said they know the risks of clicking on random, unknown links.
Among the 78 percent, 20 percent of email recipients admitted to clicking and 16 percent of Facebookers admitted to clicking. But they lie! The real stats show that 45 percent and 25 percent, respectively actually clicked.
How to stay safe and avoid phishing scams
- If you get a friend request from an existing friend, verify that it's real. And of course, be very wary of friend requests from people you don’t know.
- Use caution before clicking on anything. Do not click on any link that sends you to a different site. You can navigate to the company's site yourself without using the provided link.
- If you're not sure you can spot the signs click here to take our phishing IQ test to see if you can tell a real email from a fake.
- Always be on the lookout for typos and grammar mistakes.