Most of us have heard the stories about phishing and sometimes we just cannot believe what people fall for. Yet, it’s important to realize that people fall into these traps when they’ve let their guard down. It happens when they’re in the middle of work or communicating with family. We cannot fault people for this.
Do we really want to live in a world where every conversation must be viewed suspiciously?
Let’s cut people some slack. Yes, they might have missed the warning signs but often those are only obvious AFTER the scam has been identified.
Also, many legitimate emails come to us with the markings of a phishing scam. Take a look at the message I got from Common Sense Media recently.
Let’s go through the “watch for phishing” checklist:
- Message comes from email address that doesn’t match domain
- Message is asking users to enter login credentials
- Links in message point to a URL different than the domain
- Link takes user to suspicious looking pages
It’s the last two bullets that made me think I was phished. When I clicked the FAQ link I was sent here:
It turns out that Common Sense Media uses Salesforce for their help and support pages. That’s where the suspicious looking commonsense.force.com url came from. Phew.
In the end, I think it is way too easy to blame the people who are phished. What can we expect when some of the tools and tricks for legitimate communication are the same tools and tricks that are used to deceive us.
So, the next time you learn about someone who was duped by phishing, go easy on them and focus on helping them back to safety. They’re already embarrassed. Plus, it could happen to you next.
RSS - Posts
Recent Comments