Beyond The Click: Building Employee Vigilance To Prevent Phishing Attacks

A 2024 CNET survey revealed that 47 percent of U.S. adults are aware that their personal data was leaked in a cyberattack, with the highest incidence reported among Gen X and Baby Boomers.

About half of Millennial respondents and one in four Gen Z respondents said their data was compromised. Data breaches are frequent and occur because of phishing attacks, human errors, or even malicious employees seeking to exploit company information.

Although breaches don't directly translate to identity theft or fraud, they significantly increase the risk of phishing scams against individuals. The survey found that 71 percent of U.S. adults engaged in risky online security behaviors in the past year, which can further jeopardize their personal data and identity.

Common mistakes included using the same password across multiple accounts, saving passwords insecurely on phones or computers, and opting out of two-factor authentication.

Despite these risks, 84 percent of respondents reported taking protective measures over the holiday season when identity theft risks generally rise.

The survey also highlighted that many remain uncertain about whether their data has been compromised in cyberattacks, with one in five adults unsure.

Source: https://www.cnet.com/personal-finance/identity-theft-and-cybersecurity-survey-2024/

Commentary

The above findings underscore the ongoing challenge of safeguarding personal data. One important step is to lower exposure to phishing.

Phishing remains a significant risk for organizations because it relies on human error and deception, often tricking employees into revealing sensitive information or clicking on malicious links.

Employees can be the first line of defense by maintaining vigilance against suspicious emails and messages. To prevent phishing attacks, it is crucial for employees to recognize common signs such as unexpected requests, urgent language, or inconsistencies in sender addresses.

Taking a moment to verify the legitimacy of messages by contacting the sender through trusted channels helps avoid falling prey to impersonation scams.

Developing a habit of not clicking links or downloading attachments from unknown or unexpected sources limits the opportunity for attackers to install malware or steal credentials.

Using strong, unique passwords and enabling multi-factor authentication adds layers of security to accounts, making unauthorized access more difficult.

Regular training and awareness programs tailored to evolving phishing tactics can improve employees' ability to identify and respond appropriately to phishing attempts. Encourage a culture that supports reporting suspicious activities promptly to enable quicker containment and mitigation.

Technology, such as anti-phishing software, can complement employee vigilance by filtering out many malicious messages before they reach inboxes.
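As an added illustration (not part of the original article or any particular product), the Python sketch below shows how a filter might flag two of the signs named above, urgent language and inconsistencies in sender addresses. The function name, word list, similarity threshold and sample domains are all assumptions made for this example.

```python
import re
from difflib import SequenceMatcher
from email import message_from_string
from email.utils import parseaddr

# Assumed word list; tune it to the lures your organization actually receives.
URGENT = re.compile(
    r"\b(urgent|immediately|act now|final notice|suspended|within \d+ hours?)\b", re.I)

def _domain(header_value):
    """Lower-cased domain of the address in a From/Reply-To header, or ''."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def phishing_signs(raw_message, trusted_domains, threshold=0.8):
    """Return the warning signs found in one message (a triage aid, not a verdict)."""
    msg = message_from_string(raw_message)
    sender, reply_to = _domain(msg.get("From")), _domain(msg.get("Reply-To"))
    # Undecoded text/plain parts only; base64 or quoted-printable bodies need decode=True.
    body = "".join(p.get_payload() for p in msg.walk()
                   if p.get_content_type() == "text/plain")
    signs = []
    # Inconsistent sender address: an untrusted domain that nearly matches a trusted one.
    if sender not in trusted_domains and any(
            SequenceMatcher(None, sender, t).ratio() >= threshold for t in trusted_domains):
        signs.append("lookalike_domain")
    # Inconsistent sender address: replies go to a different domain than the sender's.
    if reply_to and reply_to != sender:
        signs.append("reply_to_mismatch")
    if URGENT.search(f"{msg.get('Subject', '')}\n{body}"):
        signs.append("urgent_language")
    return signs

# Constructed sample messages (reserved .example/.test domains).
SUSPICIOUS = """\
From: Payroll <payroll@c0rp.example>
Reply-To: payroll@mailbox.test
Subject: URGENT: confirm your payroll details

Your account will be suspended within 24 hours unless you reply immediately.
"""
BENIGN = """\
From: HR <hr@corp.example>
Subject: Updated holiday calendar

The calendar for next year is on the intranet.
"""

if __name__ == "__main__":
    for label, raw in (("suspicious", SUSPICIOUS), ("benign", BENIGN)):
        print(label, phishing_signs(raw, {"corp.example"}))
```

Heuristics like these produce false positives and misses, so their output is best used to add a warning banner or prioritize review rather than to replace verification through a trusted channel.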

The final takeaway is that informed employees, ongoing education, and security tools form a comprehensive approach to reducing the risk and impact of phishing within any organization.
