Published 10 Jul 2020

Furloughed professionals may return to face a tsunami of emails, and they may not give them the due diligence needed to avoid succumbing to phishing attacks, according to a new survey from KnowBe4, a company specialising in security awareness training.

Under the UK government’s Coronavirus Job Retention Scheme, furloughed employees are not allowed to provide any work-related services to their employers. This potentially includes checking emails, especially if the worker in question replies to customers or forwards communications to a co-worker who isn’t on furlough, and any violation could result in hefty penalties.

Despite the problem, only just over half of employees surveyed said they had received guidance about dealing with email. What’s more, less than half could say for sure that an automatic reply had been set up on their work emails, so senders could be given an alternative contact or asked to get in touch later. This potentially means that many inboxes have been left unattended for months, leaving returning staff with a mountain of emails to go through.

When asked about dealing with phishing emails, 48% of respondents said they expected their IT department to have filtered them out already. Only 37% accepted that they were personally responsible for identifying and reporting suspicious emails. The survey also suggests that many may drop their guard as they go through their email mountains, with 47% of respondents reporting that they would deal with the backlog in as little time as possible, and only 38% saying they would go through their emails with care to avoid clicking fraudulent links or opening malicious attachments.

The report summarises the situation and recommends preventive actions in its conclusion:

“When workplaces start welcoming their employees back, they’re inevitably going to be under pressure to catch up with all their missed correspondence. And that pressure has the potential to introduce security liabilities, particularly as workers rush to catch up on several months of unread emails.

“Workplaces would therefore be wise to implement technologies that can mitigate the risk of phishing. Leaders would also be wise to offer security training. With employees having been detached from their working lives, it couldn’t hurt to offer a refresher on the basics that have perhaps been forgotten under lockdown.”

It also recommends responding to any incidents with support and compassion rather than blame and anger, especially given that many workers may have experienced stress or trauma while in lockdown.

The report highlights some differences according to sector, and no doubt individual organisations vary widely in their implementations to cybersecurity training. At Pro-Network, we can help ensure your organisation is well prepared. With our managed IT support services, we can provide technologies to mitigate the danger posed by phishing campaigns and other cyberattacks, as well as provide training that will enable employees to more easily recognise potential threats, even when they have a large amount of correspondence to deal with.

 

Please share this post using any of the following share buttons.

Read similar posts to this article

Hacker Explores Dangerous Territory...

Enhancing Remote Work Security: The...

Cyber Security Services