Today's top stories

How to reach that person who will click on anything

There's always that one person who falls for every phishing scam. This is how you break them of that habit.

Become An Insider

Sign up now and get FREE access to hundreds of Insider articles, guides, reviews, interviews, blogs, and other premium content. Learn more.

Anyone can be phished with the right targeted spear-phishing campaign, but we all know that person in our organization who will click on any phishing email no matter how fake it appears to everyone else. How do you reach that type of clicker?

Intelligence is no indicator of whether a person will be overly susceptible to a phishing attack. Some of the world’s smartest people — doctors, lawyers, engineers, scientists, even Nobel Physics prize winners — have fallen victim to phishing scams. So, what makes a person overly susceptible to phishing attacks? How can you change your security awareness training strategy to account for them?

The good news is that people are studying the issue, trying to determine what attributes make a person more susceptible to phishing. Dr. Matthew Canham, for example, is currently a post-doctoral scholar with the Institute of Simulation and Training at the University of Central Florida. His research focuses on the topics of spear-phishing vulnerabilities, human hacking and online influence. His research aims to identify the individual traits that predict which users will most likely fall victim to repeated phishing and other social engineering attempts.

Phishing victims are the least criminally minded

Bless those Ph.D.’s! When I first met Dr. Canham I got super excited. We all talk about humans being the weakest link in computer security (not necessarily true), but here was a guy researching and collecting data about why that is so. If you want to change the world, you need data. I predict Dr. Canham will be in demand for his services when he gets through with his scholarship duties.

To continue reading this article register now

SUBSCRIBE! Get the best of CSO delivered to your email inbox.