Phishing won’t be a problem. Everyone here is smart.
tl;dr Stop shaming people for getting phished. Also, you can be phished.
We need to stop encouraging the idea that only dumb people get phished. That’s not how phishing works. Everyone can be phished, that’s the nature of the sport. People get busy, answer emails with their phones, and don’t have the time or attention to check every single link. Furthermore, phish shaming can breed complacency in our day to day computer activities.
What happens when you shame a phish:
- We shame victims of phishing. “Everyone here is smart.”
- The people listening aren’t cautious. They’re smart, they won’t get phished.
- They get phished.
- They feel bad and dumb.
- They don’t want to tell anyone that they get phished.
- IT folk don’t find out that credentials are floating around.
Yep. In fact, sometimes, even the phisher gets phished. ¯\_(ツ)_/¯