The ongoing stress of the global pandemic, war, inflation and global uncertainty has made it difficult for people to manage everyday decision-making and leads to them more easily be conned by scams and cybersecurity threats, according to the American Psychological Association (APA).
A recent survey by the APA found that one third of people have such high stress levels that they were battling to decide what to wear or what to eat. This meant that mental health issues were now considered by many to be the pandemic of 2022 and, in South Africa, this was further impacted by additional stress factors such as the cost of living, crime and load shedding.
Anna Collard, SVP content strategy and evangelist at KnowBe4 Africa, said as people juggled these challenges on a daily basis, they were struggling to pay attention and make decisions, which was making them more vulnerable to cybersecurity threats.
“It’s easy to see how stress makes it easy for people to make simple cybersecurity mistakes. You’re tired, you’re not paying attention, you click on a link you’d normally avoid. You’re distracted and, in a rush, so you open an attachment you’d usually ignore. This is how the scammers and criminals are increasingly catching people unawares and putting both personal and business security at risk.”
The risk of being phished or defrauded rises incrementally with how tired and worn-out a person may be with research finding that 41 percent of employees missed a phish because they were tired and 47 percent because they were distracted.
In daily life, this could translate to falling for a fake email while getting into the car on the way to a meeting, only to have payment information phished by a spoof site. Or to click on an email that has been carefully designed to look like it was an urgent work message from HR only for it to be a scammer stealing one’s login credentials for the office. Every tap and click was an easy mistake that would cost money and the business.
“Our modern lives with mobile devices, apps, email and social media constantly fighting for our attention, result in cognitive overload and multi-tasking. This in turn makes us more error prone, stressed and also more susceptible to social engineering attacks. This is one of the reasons why companies should invest into wellness and mental wellbeing for their employees,” said Collard.
“And why security training should be linked to being present and, in the moment, and taking time to process information. People need to realise that their personal well-being is directly connected to maintaining their online security.
“The goal is to keep the mind active when it comes to very specific decision-making when confronted by potential phishing emails or cyberthreats,” Collard said.
“Cybercriminals as well as fake news use emotional triggering content such as fear, greed or curiosity to trick us out of critical thinking. If we learn to use our heightened emotions as early warning signs and apply mindfulness techniques to quiet down, focus and pay attention before we react, we can remain in control, focus better and in turn prevent cyberattacks.”
KnowB4 Africa said that security training was essential for the modern business, to give employees the tools they needed to recognise threats.
BUSINESS REPORT