The scenario is all too familiar. Aunt Myrtle calls, knowing you’re into “all that computer stuff.” She got an email from her online book seller asking her to please verify her information. Since you’ve already told her not to click on things like that, she called the book seller on her rotary dial phone. Of course, she couldn’t get through the labyrinth of keypad commands. So she called you instead. Should she click on it?
Those of us who spend hours ogling a computer monitor, who make decisions about company technology, we know exactly what Aunt Myrtle should do, but we forget that there are more Aunt Myrtles out there than we like to imagine. According to a survey conducted at the Black Hat USA conference this year found that spam filters are far from catching all the phishing messages, and that users are woefully unskilled at dealing with these emails.
It would be nice if the users we refer to were all of the Aunt Myrtle category, with the rotary phone and the Tuesday night Bingo games. But this survey notes that corporate employees are receiving these messages in their inboxes, and that the level of training often consists of no more than an annual computer-based training. There is often no human interaction in these training modules, leaving no room for employees to ask questions and learn about the cycle of phishing.
As we skate further into ecommerce and digitizing our lives, we must have a way to safeguard users from inadvertent authentication lapses they may self inflict. This is why Tricerion’s SafeLogin, which is phish-proof, is such a strong player in today’s digital economy.