One in five fell for ‘e-mail virus’ experiment

Erasmus University Rotterdam, in collaboration with Fox-IT, carried out an experiment in which a phishing e-mail was sent to university staff. One in five employees actually clicked on a malicious link, and just under half of them downloaded and even started an application.

In May, the university sent the e-mail to some two thousand employees to measure how many employees would fall for a phishing mail. More employees than expected fell for the phishing mail. There is valuable information to be taken at universities: the personal data of thousands of students and staff, but also valuable scientific information. Worldwide, about 75 percent of the organisations are targeted by phishing attacks. With this experiment, the university wanted to test its own vulnerability in order to be able to take the necessary security measures.

Fox-IT: ‘9 percent of the entire group was eventually infected’

Of the 1929 employees emailed, 71 percent did not open their mail. 9 percent sent an out-of-office-reply and one in five employees actually clicked on the rogue link in the mail. Just under half of them downloaded and started the application. Overall, 9 percent of the entire group was ultimately ‘infected’, according to the official Fox IT report.

In 2019, the university wants to focus on staff training. The experiment could then possibly be repeated to see if the results have improved.



For a more secure society
  • Experts
  • Services
  • Technology