Don’t open that attachment! Most people can’t tell the difference between real email and phishing attempts

Nearly 80 percent of people cannot discern a phishing email from a legitimate email, according to a new survey conducted by Intel Security.

CBS News and Intel Security launched an online survey to test people’s knowledge and awareness of phishing emails with this week’s results showing that people aren’t too savvy when it comes to safely opening emails. In the test, users were sent 10 emails from McAfee Labs, a research arm at Intel Security. Some of the emails were perfectly fine while others were phishing emails. 19,458 people took part in the test and 80 percent of them fell victim to at least one phishing email – only a scant three percent scored a perfect mark.

Average internet users shouldn’t feel too bad though, as in a previous survey conducted by Intel, 94 percent of tested information security professionals were duped by a phishing email on the test at least once.

One of the emails that was misidentified the most in the latest survey was actually a legitimate message but it contained content on free ads, which led some people to be suspicious.

The US ranked 27th most accurate of more than 140 countries, with Americans averaged about 68 percent accuracy in identifying phishing. Participants in Iowa performed the best, with North Dakota coming out worst. France ranked number one with Sweden, Hungary, the Netherlands, and Spain all making up the rest of the top five.

Further breakdowns of the test results show that the 35-44 age group performed the best and men did better at identifying suspicious emails than women but with a slim difference of 67 and 63 percent respectively.

The failure rates of these tests show that phishing techniques have become even more convincing and dangerous.

Techniques have become more sophisticated over the years, warns Frank Abagnale, the infamous conman turned security consultant. Some phishing emails try to lure you to a fraudulent website where it seeks personal or financial information about you for identity or monetary theft; meanwhile there are some techniques that install malware merely through one click. He spoke recently at the University of Texas Center for Identity conference recently, and discussed how cybercriminals are using these methods to fund massive operations.

“We’re talking about billions of dollars. It goes back to funding human trafficking, drug trafficking, child pornography,” he said. “So, not only are they stealing our money, but then they take that money to commit worst crimes against humanity.”

Users are also urged to keep their antivirus up to date to protect their computer while exercising caution with any link, such as hovering over a link to see what the URL is before you click.

“Review your emails carefully and check for typical phishing clues including poor visuals and incorrect grammar, which may indicate that the email was sent by a scammer,” advised Gary Davis, Chief Consumer Security Evangelist at Intel Security.

The CBS quiz is still available online if you would like to put your phishing detection skills to the test.