Mobile phishing goes under the radar

New Unisys Security Index™ finds almost half of Brits are unaware of SMS phishing, and more than two-thirds don't know where to report scams if they were to be victimised.

  • Thursday, 28th October 2021 Posted 3 years ago in by Phil Alsop

According to the new 2021 Unisys Security Index™, concerns in the UK around internet security (including computer viruses and hacking) are at the highest level in the 15 years that Unisys has been running the study. The report, which examines security attitudes of 11,000 consumers globally including 1,000 from the UK, also shows a particular increase in worries about financial security.

 

Despite their increased levels of concern, the survey found that most UK respondents were either overconfident or unaware when it comes to many cybersecurity threats, putting both themselves and their employers at risk. Additionally, the report uncovered potential strains between employers and employees regarding the monitoring of digital activity for remote workers, as well as privacy concerns around vaccination and medical history in the workplace.

 

Key findings include:

More than 9 in 10 (91%) people in the UK feel at least somewhat confident in their ability to stay safe from scams, but almost half (49%) of UK respondents said they are not familiar with the threat of SMS phishing (also known as 'SMiShing'), which is when a scammer texts via mobile asking for personal or financial information;

Only about one-quarter (26%) report being unaware of SIM jacking, which is when a scammer gets your phone number transferred to a phone they control;

More than two-thirds (69%) do not know which organisations to report scams to if they were a victim; and

Almost two-thirds (63%) of Brits said they would not be comfortable with their employer monitoring login and log out times, with a quarter saying they would not be comfortable with their employer monitoring any of their digital activity.

 

In terms of internet security, the findings pose a stark warning for both employees and their employers as cyberattacks continue to rise in scope and complexity, and as many organisations continue to navigate remote and hybrid work environments.

 

“With cyberattacks constantly in the headlines, it is no wonder that the average consumer is experiencing a level of data breach fatigue, but this behaviour is putting a lot of businesses at risk,” said Salvatore Sinno, chief security architect and director of cybersecurity innovation at Unisys. “Without proper network defences, one click from an employee working from home could put your company’s crown jewels at risk, which is why organisations need to embrace a holistic security strategy that provides greater visibility across IT and cloud environments so they can take action to address gaps and incidents, as well as look at tools that can encrypt data in motion, segment your network so that an intruder cannot move laterally across it and increase identity and access authentication measures.”

 

Tensions Rising as Employers Navigate Privacy and Monitoring in Age of Hybrid Work

The survey also highlights an increased tension in relation to private data. As the public and its employers navigate the return to a ‘new normal,’ their opinion on whether privacy or health should be prioritised is divided. In the UK, more than three-quarters of employees (77%) would not be willing to use biometric data and 63% would not be willing to agree to daily temperature monitoring to ensure safe access to their facility, while more than four in five (83%) are not comfortable using facial recognition to authenticate that they are the person using their computer remotely. While these levels of data-sharing reluctance vary between countries, they have an impact on how businesses can create a safe hybrid working environment for their staff.

 

“With the hybrid workforce here to stay, these results shine a light on the important role that providing first-class digital experiences can have for productivity, business outcomes and company security,” said Kevin Turner, digital workplace strategy lead, Unisys for Europe, Middle East and Africa. “The bottom line is that employees want their employer to provide tools that are secure, compliant and enable them to do their jobs better, easier and faster. At the same time, organisations need to be very transparent and consistent in their communications to avoid a culture of reluctance and mistrust. A change in culture can mitigate a lot of risk for organisations.”