NitpickLawyer 6 hours ago

> As a field, we already know how to do security

Uhhh, no, we actually don't. Not when it comes to people anyway. The industry spends countless millions on trainings that more and more seem useless.

We've even had extremely competent and highly trained people fall for basic phishing (some in the recent few weeks). There was even a highly credentialed security researcher that fell for one on YouTube.

simonw 5 hours ago

I like using Troy Hunt as an example of how even the most security-conscious among us can fall for a phishing attack if we are having a bad day (he blamed jet lag fatigue): https://www.troyhunt.com/a-sneaky-phish-just-grabbed-my-mail...