UK firms are being targeted with increasing frequency in security attacks designed to exploit human weaknesses and curiosity through emails and social networkinh sites.
Research from Check Point has shown 42% of UK firms have been victims of social engineering attacks in the past two years.
The average number of attacks is just over the 12 a year mark at a cost of £15,000 per incident and the findings are likely to add more fuel to the fire over the security risks of social networking sites.
Social networking sites were the second most common platform of social engineering attacks after phising mails which are often directed not just at staff but what hackers see as the weak link in the chain, contractors and temporary workers.
"Because these types of attacks are intended to stay below an organisation's security radar, the actual number of organisations that have been attacked could be much higher," said Terry Greer-King, UK managing director for Check Point.
He added that the survey threw up one statistic that indicated how much opportunity there was in the market for the channel.
"Yet 44% of UK companies surveyed are not currently doing anything to educate their employees about the risks, which is higher than the global average," he added.