Check Point Email Security | Blog

20 Percent of Employees Failed Large Scale Phishing Test

Written by Jeremy Fuchs | December 9, 2021

Other API-based solutions work by remediating a malicious email after it hits the inbox. The hope this that it will be removed before the user clicks. 

According to research from Avanan, on average, it takes these solutions three minutes and three seconds to remediate and remove a malicious email from the inbox.  Depending on the environment, that number can skyrocket even higher. 

Research has shown that it takes, on average, 82 seconds for a user to click on a phishing attack. 

It becomes a race condition. 

Now, new data shows just how many users will actually click on a phishing email. In a new simulation from Terranova's annual Gone Phishing Tournament, 19.8% of end-users who received a phishing email clicked on the phishing link. Further, 14.4% of all users failed to recognize that the resulting webpage wasn't legitimate and proceeded to download a malicious file. 

So let's review the math. It takes three minutes and three seconds for some API solutions to remediate and remove a malicious email from the inbox. On average, it takes 82 seconds for a user to click on a phishing link. Now, we know that 20% of end-user will, in fact, click.

This means that a large portion of your user base will click on a phishing link before it is removed.

That's why detect and remediate doesn't really work. There's just far too much time for a user to click on a phishing email. And we know that plenty will.

The Avanan solution avoids all this.

The Avanan infrastructure is API-enabled, with patented technologies that offer very unique advantages over both SEG and other API vendors. Specifically, Avanan’s patent allows us to prevent the delivery of malicious emails before the inbox as well as deliver all the benefits of internal email protection and post-delivery enforcement.

Don't leave it to chance. Just block the email before it gets to the inbox and make everyone's life easier.