
MegaFon and Kaspersky Lab spoke about the most popular “lures” of scammers for office employees

13 November 16:40

In organizations that regularly provide information security training, employees are better able to recognize digital threats and are six times less likely to open potentially dangerous emails. Experts from MegaFon and Kaspersky Lab came to this conclusion based on the results of a joint analysis of training phishing emails*.

As part of the analysis, experts recorded that 40% of employees click on suspicious links in training messages. Moreover, every fourth of those who click (10% of all recipients) goes on to enter confidential data on a specially created test page. Another 9% open attachments that could turn out to be malicious in a real cyber attack. During one of the checks, a record data compromise rate of 38% was recorded.

Employees are most trusting of letters purporting to come from the HR, finance and IT departments. For example, 66.5% of recipients followed the training link in a message on the topic "Calculation of bonuses". Almost a quarter (24%) were drawn in by an email with the subject line "The password for your account has been changed." Notifications about an alleged "Violation of corporate policy for the use of Internet resources" also did not go unnoticed: every fifth recipient clicked a link in messages with that heading.

In addition, fake emails with the subject lines "Your insurance company has rejected your claim as non-medical" and "Calculation of tax debts for the current calendar year" each fooled 16% of the test mailing participants.

Experts note that systematic employee training produces noticeable results. Among those who completed training programs, only 7% open suspicious emails, only 2% click on dubious links (20 times fewer than among the untrained audience), and only 0.2% compromise data (190 times fewer than the 38% peak rate).

“Today, phishing remains the main tool for compromising even the most secure companies: the majority of major high-profile attacks are carried out through phishing schemes and data compromise. Companies are beginning to realize the value of training programs and regular training – 95% of corporate clients repeat the event annually. At the same time, the demand for such socio-technical testing is growing slightly – by only 3.5% per year,” said Demid Balashov, head of cybersecurity product development at MegaFon.

“The goal of training in the field of digital literacy is not just to provide knowledge, but to change the attitude of employees towards information security. This is a long-term process: to be effective, it must be carried out on a regular basis. In addition, the program and list of required topics should be selected depending on the employee’s risk profile. It is necessary to carry out checks, for example in the form of test phishing mailings. It is this comprehensive approach that will give the maximum effect,” comments Marianna Nechetova, expert in improving digital literacy at Kaspersky Security Awareness. “At the same time, it is important to remember that cyber attacks are evolving and becoming more and more complex. To successfully counter them, it is important for organizations to combine technical and non-technical measures: not only to use reliable security solutions, but also to increase the level of cyber literacy in the team. Employee training must be systematic and based on real-life examples from practicing experts who analyze modern attacker tactics and methods.”

*The research results were obtained from the statistics of two solutions: MegaFon Security Awareness and the Kaspersky Automated Security Awareness Platform, a platform for improving employee cyber literacy. The analysis covered training phishing mailings carried out in Russian companies in January–October 2025.

Advertising. PJSC MegaFon. erid: 2Vfnxxh5fz1
