New research from the Clearwater, Fla.-based security firm KnowBe4 revealed that men are 225% more likely than women to divulge sensitive information as a result of phishing attacks.

KnowBe4’s quarterly phishing analysis examined 201,755 phishing emails sent over a 30-day period and found that men were more likely to click on them than women were. Over a 120-day period, the firm also distributed simulated phishing emails leading to a data entry landing page that asked users to input their credentials. As a result of this experiment, KnowBe4 found men gave up their credentials more than twice as often as women did.

Be sure to register today for Data Breach Defense, the free CU Times cybersecurity virtual conference on Oct. 6. Find out the latest credit union liability and risks, as well as security measures you can take to ward off cybercriminals.


According to the firm, this is the first time information has surfaced that points to this type of pattern, and it has prompted the launch of a detailed scientific study that will take into account the gender and position of a targeted employee.

“In most companies, the number of phishing-prone staff tends to hover around 16%,” Stu Sjouwerman, founder/CEO of KnowBe4, said. “After utilizing interactive training and simulated phishing attacks, the likelihood of employees being fooled drops considerably, [it] typically drops down to 1% or 2%.”

KnowBe4 provides a free tool for organizations that allows them to test their employees’ susceptibility to phishing attacks.

Successful phishing attacks lead to employee productivity loss and uncontained credential compromises, which together cost an average-sized company $3.77 million per year, according to a report published by the Pittsburgh-based Wombat Security Technologies and Traverse City, Mich.-based Ponemon Institute.