Third of senior staff at top firms fall for game honey trap
Senior staff at a third of top UK companies have fallen for an online game honey trap to test their security awareness.
In a campaign targeting 14,000 senior level decision-makers in Bluechip companies, including the FTSE250, NCC Group found that more than one third of recipients were willing to open and play an online game without knowing its origin.
A link to the game, “Bish Bash Bush”, which features Hilary Clinton and Barack Obama kicking president Bush out of the White House, was anonymously distributed throughout December and January to coincide with the inauguration of the new US president.
A link to the game was distributed via e-mail and social media websites. In addition to risking their own security by playing the game, an alarming number of people forwarded the game to others, and it is now being played in 19 different countries, including Bermuda, Chile and Azerbaijan.
As a security analyst I face this every day. Too many times I have gone into a place and been able to easily trick the C levels into this same type of thing. All too many times, I ask pertinent questions about security issues like not opening random emails with zip files or EXE files and I get the same blank stare back.
I think there needs to be a movement out there. A drive and a program to teach C levels the ins and outs of security. A come to God kind of workshop or boot camp I think. Only this and regular training will prevent this type of thing from happening.
We are our own worst enemy…