April 21, 2021

Facepalm moments of your career?

Today I advised an end user to change his password because he clicked a link from a suspicious email. He told me “nah it’s fine. Whenever I get a suspicious email, I open the link on my phone using cellular data, so it’s all good.”

Comments

Cypher_Blue

> Our vendor’s password policy is weak, but their security is very strong.

Ghawblin

>Whenever I get a suspicious email, I open the link on my phone using cellular data, so it’s all good

While I would prefer users to not open weird things at all, that’s at least a pretty reasonable thing to do if you’re teetering on the edge of “not sure if spam or not”

My personal favorite is from when I was a consultant, and a business owner refused to believed they fell for a MITM attack and wire transferred $140,000 to a scammer with the excuse “This is a small town in GA no one would ever do that here”.

The concept that “literally any one of the billions of people in the world with an internet connection could’ve done this” was beyond them.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: By filling this form and submitting your commen, you acknowledge, agree and comply with our terms of service. In addition you acknowledge that you are willingly sharing your email address with AiOWikis and you might receive notification emails from AiOWikis for comment notifications. AiOWiksi guarantees that your email address WILL NOT be used for advertisement or email marketting purposes.

This site uses Akismet to reduce spam. Learn how your comment data is processed.