Next Investors logo grey

Why you should change your password

Published 07-OCT-2019 10:31 A.M.


3 minute read

Hey! Looks like you have stumbled on the section of our website where we have archived articles from our old business model.

In 2019 the original founding team returned to run Next Investors, we changed our business model to only write about stocks we carefully research and are invested in for the long term.

The below articles were written under our previous business model. We have kept these articles online here for your reference.

Our new mission is to build a high performing ASX micro cap investment portfolio and share our research, analysis and investment strategy with our readers.

Click Here to View Latest Articles

Webroot, a comnpany that harnesses the cloud and artificial intelligence to protect businesses and individuals against cyber threats, recently released a report that sheds light on psychological factors impacting an individual’s decision to click on a phishing email.

The release of the report is timely as we enter Australian Cybersecurity Week this week.

In conjunction with Wakefield Research, Webroot's report Hook, Line and Sinker: Why Phishing Attacks Work surveyed office professionals from the US, UK, Japan and Australia (1,000 per region) to determine what people know about phishing tactics, what makes them click on a potentially malicious link and other security habits.

“Security and productivity are always in a tradeoff. People put off security because they are too busy doing something with a more 'immediate' reward. These findings illuminate the pertinent need for a mindset makeover, where the longer-term reward of security doesn’t get put on the back burner,” said Cleotilde Gonzalez, Ph.D., Research Professor at Carnegie Mellon University.

The study revealed that over half (56%) of Australian office workers have had their data compromised, including nearly 3 in 10 (28%) more than once. Among Australian office workers who had their data compromised as part of a breach or hack, 3 in 10 (30%) did not take the basic step of changing their passwords after the incident, and only 1 in 3 (33%) informed a government agency. Not only is this false confidence potentially harmful to an employee’s personal and financial data, but it also creates risks for companies and their data.

“Phishing attacks continue to grow in popularity because, unfortunately, they work. Hackers and criminals weaponise the simple act of clicking and employ basic psychological tricks to inspire urgent action. It is vital that consumers educate themselves on how to protect both their personal and financial data and what steps to take if their information is compromised or stolen," said George Anderson, Product Marketing Director, Webroot, a Carbonite Company.

Businesses should implementing regular simulated phishing and external attacks that address the various ways hackers attempt to breach organisations through their users. By combining the latest detection, protection, prevention and response technology with consistent attack training and education, IT Security departments can tackle the people, process and technology combinations needed to successfully mitigate attacks.”

While a majority of Australian office workers (91%) reported being able to distinguish a phishing message from a genuine one, more than half (60%) also admit to having clicked on a link from an unknown sender while at work, especially from email (75%).

There is no foolproof way to prevent being phished but taking a layered approach to cybersecurity including ongoing user training will significantly reduce risk exposure.

As Forrester points out in its report, Now Tech: Security Awareness and Training Solutions, Q1 2019, “Your workforce should treat cybersecurity awareness with the same importance they use for ensuring that their projects, products, and messages are on key with company brand. Invest in solutions that weave security best practices throughout your corporate culture.”

Read the full Webroot Report: Hook, Line and Sinker: Why Phishing Attacks Work

General Information Only

S3 Consortium Pty Ltd (S3, ‘we’, ‘us’, ‘our’) (CAR No. 433913) is a corporate authorised representative of LeMessurier Securities Pty Ltd (AFSL No. 296877). The information contained in this article is general information and is for informational purposes only. Any advice is general advice only. Any advice contained in this article does not constitute personal advice and S3 has not taken into consideration your personal objectives, financial situation or needs. Please seek your own independent professional advice before making any financial investment decision. Those persons acting upon information contained in this article do so entirely at their own risk.

Conflicts of Interest Notice

S3 and its associated entities may hold investments in companies featured in its articles, including through being paid in the securities of the companies we provide commentary on. We disclose the securities held in relation to a particular company that we provide commentary on. Refer to our Disclosure Policy for information on our self-imposed trading blackouts, hold conditions and de-risking (sell conditions) which seek to mitigate against any potential conflicts of interest.

Publication Notice and Disclaimer

The information contained in this article is current as at the publication date. At the time of publishing, the information contained in this article is based on sources which are available in the public domain that we consider to be reliable, and our own analysis of those sources. The views of the author may not reflect the views of the AFSL holder. Any decision by you to purchase securities in the companies featured in this article should be done so after you have sought your own independent professional advice regarding this information and made your own inquiries as to the validity of any information in this article.

Any forward-looking statements contained in this article are not guarantees or predictions of future performance, and involve known and unknown risks, uncertainties and other factors, many of which are beyond our control, and which may cause actual results or performance of companies featured to differ materially from those expressed in the statements contained in this article. S3 cannot and does not give any assurance that the results or performance expressed or implied by any forward-looking statements contained in this article will actually occur and readers are cautioned not to put undue reliance on forward-looking statements.

This article may include references to our past investing performance. Past performance is not a reliable indicator of our future investing performance.