MicroStockHub/iStock/Getty Images Plus
Follow ZDNET: Add us as a preferred source on Google.
ZDNET's key takeaways
Phishing is a major and growing threat to businesses.
But phishing awareness training has a minimal success rate.
Researchers urge organizations to invest in countermeasures.
A new study has confirmed what many of us suspected -- employee phishing training is simply not worth the effort.
The study, conducted by UC San Diego Health and Censys researchers, found that phishing-related cybersecurity training programs had no effect on whether or not employees were duped by phishing emails.
After analyzing the results of 10 different phishing email campaigns sent to over 19,500 employees at UC San Diego Health over eight months, the researchers found "no significant relationship between whether users had recently completed an annual, mandated cybersecurity training and the likelihood of falling for phishing emails."
Also: This 2FA phishing scam pwned a developer - and endangered billions of npm downloads
... continue reading