2020 Gone Phishing Tournament Phishing Benchmark Global Report Reveals Significant Rise In Phishing Simulation Click Rates, & Compromised Data

The latest edition of the Terranova Security Phishing Benchmark Global Report, drawing on results from 2020 Gone Phishing TournamentTM reveals a substantial year-over-year increase in participating end user click rates. It also details a significant rise in the percentage of users who would’ve potentially compromised their login data had the phishing simulation not been a safe security awareness testing environment.

The results in the latest version of the Phishing Benchmark Global Report underscore the need for all organizations, regardless of size, industry, or geographic location, to implement both an ongoing security awareness training program and consistent, up-to-date phishing simulations to strengthen their data protection infrastructure.

The results outlined in the Phishing Benchmark Global Report come at the tail end of what has been a tumultuous year for businesses worldwide. The global COVID-19 pandemic resulted in many organizations changing how they work and featured a spike in remote or remote-hybrid workforce adoption. However, distributed virtual offices have lessened the effect of technical data protection measures and consequently put employees’ ability to successfully detect and avoid phishing threats under a microscope.

This year’s Gone Phishing Tournament, which took place over 11 days in October 2020 to coincide with National Cyber Security Awareness Month, welcomed 57% more participating organizations than in 2019 and boasted a 90% increase in participating end users. The 2020 event also benefited from an extended global reach, with users completing the simulation in 98 different countries.

2020 Phishing Benchmark Global Report: Key Results

The results from the 2020 Gone Phishing Tournament underscored the potential consequences of a lack of phishing awareness. The data shows that nearly 20% of employees are still quick to click on phishing email links, a significant increase from the 11% posted during the 2019 Gone Phishing Tournament.

Other key data highlights include:

  • 67% of clickers (13.4% of overall users) submitting their login credentials, also up substantially from 2019, when just 2% submitted their credentials
  • The Public Sector and Transport domains struggled the most, posting a click rate of 28.4% and submission rate of 24.7%.
  • The Education and Finance & Insurance sectors performed considerably better than others, with rates of 11.3% and 14.2%, respectively.
  • Users in North America struggled the most with the phishing simulation, posting a 25.5% click rate and an 18% overall credential submission rate. This means a little over 7 out of every 10 clickers compromised their login data.
  • Users in Europe exhibited lower click and submission rates of 17% and 11%, respectively.

2020 Phishing Benchmark Global Report: Methodology

The phishing simulation email and web page templates used during the 2020 Gone Phishing Tournament were supplied by co-sponsor Microsoft. They reflected a real-world scenario that any user, especially those working remotely, may encounter in their daily lives.

Selected by the Terranova Security leadership team, the template measured several end user phishing behaviors, including clicking on a suspicious email link and submitting data using a webpage form. The template’s difficulty level was also increased compared to the 2019 simulation and was rated medium-high for complexity by the Terranova Security team.

Supported in 12 different languages, all participating users received the same phishing simulation over the same 11-day period, ensuring the data depicted in the Phishing Benchmark Global Report portrayed an accurate, apples-to-apples analysis of organizational performance. 

Download the 2020 Phishing Benchmark Global Report to get all the results and facts from the latest edition of the Gone Phishing Tournament.

Leave a Reply

%d bloggers like this: