Remote Workers Encounter 8 Risky URLs per Day, New Research Shows
.jpg "Filip Truta")
July 02, 2020
Given enough time, employees – especially those working remotely – will click on a link to a potentially dangerous website. But how much time? According to recent data, less than an hour.
Employees access 8.5 risky URLs per day, or 59 per week, according to NetMotion researchers. That would be more than once per hour in an eight-hour workday.
Amid work-from-home orders associated with the pandemic, NetMotion wanted to answer one question: do workers pose a greater cybersecurity risk at home than at the office?
The firm recently aggregated anonymized network traffic data from May 30 to June 24, seeking evidence of users attempting to access risky content, like URLs that would be blocked by firewalls and other corporate security tools that monitor internal network traffic.
The analysis revealed that employees clicked on 76,440 links that took them to potentially dangerous websites, all visited on work-assigned devices while using either home or public Wi-Fi or a cellular network connection.
The data also revealed the most common types of high-risk URLs encountered. In order of prevalence, these were: botnets, malware sites, spam and adware, and phishing and fraud sites. Many, if not most, of these remote workers would have been prevented from accessing this risky content had they been connected to protected internal (non-public) networks.
Other key findings include:
- Employees, on average, encounter 8.5 risky URLs per day, or 59 per week
- Remote workers also access around 31 malware sites per month, and 10 phishing domains
- Almost 1 in 5 risky links led to sites containing spam, adware or malware
- Phishing and fraud, which garner an outsized proportion of news, account for only 4% of URLs visited
Researchers caution that many organizations have no visibility into activity taking place on external networks, let alone the means to prevent it.
One explanation for that last finding could be that, despite ranking low among risky websites, it takes just one unwary employee to follow through with the devious content inside a phishing email. Lest we forget, phishing, whaling and business email compromise (BEC) campaigns remain highly successful in gaining initial foothold in an infrastructure.
tags
Author
Filip is an experienced writer with over a decade of practice in the technology realm. He has covered a wide range of topics in such industries as gaming, software, hardware and cyber-security, and has worked in various B2B and B2C marketing roles. Filip currently serves as Information Security Analyst with Bitdefender.
View all postsRight now Top posts
FOLLOW US ON SOCIAL MEDIA
SUBSCRIBE TO OUR NEWSLETTER
Don’t miss out on exclusive content and exciting announcements!
You might also like
Bookmarks
