Auditors: Stop recommending that "The best way to stop phishing and social engineering is through user education and training". Please, just... stop. You can't train people not to be fooled, you can only build tools that catch them safely when they are.
-
-
I think it's more about training people to be suspicious of links based on where the link came from, rather than the actual URL.
-
This is a doomed strategy.
- 3 more replies
New conversation -
-
-
Yeah, I'm not arguing that we stop people from clicking unsafe links, that's a dead end imo though can be mitigated somewhat with education. The link itself is typically part of the attack (e.g. dangling DNS records) and it's easier to do security hardening for the other parts.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.