Less than a year after a hack affected nearly 1 million U.S. Postal Service employees, a watchdog report finds that a quarter of USPS employees are still duped into clicking scam email links.
Additionally, 93 percent of the employees that clicked the phishing links did not report it to the Postal Service's Computer Incident Response Team, as required by policy. These findings by the Office of Inspector General present a potential security risk to the agency.
Investigators sent emails containing false links to 3,125 employees over a two week period. Of that number, 789 clicked on one of the fraudulent links in the phishing email.
The audit also found that of the 3,125 employees it investigated, 96 percent did not complete the annual security awareness training offered at the agency. Ninety-five percent of those who fell for the phishing emails did not complete the course.