According to a survey of 201 IT decision makers in UK SMEs, nearly half of small businesses have suffered data breaches due to workers opening dangerous links or attachments in spam emails. The research was carried out by Opinion Matters on behalf of GFI Software.
The survey found that 40 percent of businesses had suffered some kind of data infection due to spam email, while 4.5 percent said they didn’t know whether they had been breached or not. Unsurprisingly, three quarters of respondents believe they get too much spam, and 61 percent say the amount of spam they receive has increased over the past 12 months.
46 percent said that they only rely on their antivirus software to block spam while just 19 percent use a software anti-spam solution and 7.5 percent use a cloud based solution. Almost a quarter use an anti-spam network appliance.
Over half (62 percent) said that their anti-spam solution was only marginally effective while 8 percent said it was not at all effective. The main worry businesses have about spam is that malicious emails can contain dangerous links or attachments that can compromise network security, and the second most common concern is that of the possibility of phishing attacks.
Nevertheless 14 percent of companies still fail to educate their employees about the risks of opening spam messages.
Phil Bousfield, general manager of GFI Software’s Infrastructure business unit, said “This research shows that the spam problem is not going away. Businesses need to respond by taking advantage of all the latest spam-fighting technologies available to them. The most effective way to stop spam is to employ a multi-layered defense that encompasses on-premise and cloud-based anti-spam solutions.”
Most businesses still rely upon the anti-spam component of their antivirus solution to filter out undesirable and dangerous messages, particularly in organisations with between 50 and 99 employees, where 64 percent use this method of protection. Antivirus solutions are an effective component of a multi-layered spam defense. A comprehensive anti-spam solution should use a combination of defenses both on-site and in the cloud, argues GFI Software.