OTTAWA – Lawyers at Canada’s justice department were fooled into providing confidential information by responding to phishing emails far more than average Internet users, according to security test results released Monday.
According to Canadian government figures, 156 million phishing emails are sent worldwide on a daily basis.
An estimated 800,000 people are tricked into opening them and providing confidential data such as passwords or banking information, usually after clicking on an embedded link.
However, in tests conducted by the Canadian government, 1,850 — or 37 percent — of Justice Department lawyers who received fake phishing emails were duped.
No government information was at risk in the “controlled exercise designed to inform and educate employees on issues surrounding cyber security,” department spokeswoman Carole Saindon told AFP.
But the findings have raised concerns about the integrity of information in government hands should bureaucrats fall for actual phishing emails.
The tests “specifically dealt with the threat from phishing, which is increasingly being used as an attack vehicle of choice by cyber criminals,” Saindon said.
She noted that the awareness campaign has resulted in “significant improvement” from a first test in December to two more in February and April.
A new law takes effect in Canada on July 1 that bans sending unsolicited or spam emails.