Senior staff at a third of top UK companies have fallen for an online game honey trap to test their security awareness.
In a campaign targeting 14,000 senior level decision-makers in Bluechip companies, including the FTSE250, NCC Group found that more than one third of recipients were willing to open and play an online game without knowing its origin.
A link to the game, "Bish Bash Bush", which features Hilary Clinton and Barack Obama kicking president Bush out of the White House, was anonymously distributed throughout December and January to coincide with the inauguration of the new US president.
A link to the game was distributed via e-mail and social media websites. In addition to risking their own security by playing the game, an alarming number of people forwarded the game to others, and it is now being played in 19 different countries, including Bermuda, Chile and Azerbaijan.
The widespread use of the game, says NCC, reinforces the message that it is not enough to have firewalls in place - determined hackers and data thieves will always be able to find a way to steal data or disrupt businesses whilst staff are unaware of the risks they may be opening the company up to.
NCC Group CEO Rob Cotton said, "We were astounded that staff in companies that hold significant volumes of financial information and personal details on customers, suppliers and shareholders, still made the decision to click on this unsecured link.
"With regular stories hitting the headlines about government departments physically losing data, it is shocking that so many people are actually helping cyber terrorists to bypass firewalls and corporate security tools and leaving themselves and their companies wide open to potential disaster."
Not only have recipients breached basic security protocol by clicking on the link, the game also raises another major issue, as NCC found that recipients played the game during office hours.