Home > Uncategorized > A patch for human credulity

A patch for human credulity

November 24, 2004

Most computer attacks are directed at the computer itself; phishing attacks are directed at the user.  The official-looking phishing messages are designed to fool people into revealing confidential information like credit card numbers, Social Security numbers, and the like.

A BBC Online report on “phishing attacks” says that in October, over six thousand new varieties of phishing message found their way into the world’s inboxes.  Why so many?

Because something like five percent of people fall for it.

There’s no software you can buy to protect you from yourself.  But urging people to “be smarter” is not likely to help.  For one thing, it’s insulting.  People who have credit card accounts to phish aren’t usually dumb.  After all, they hold down a job, drive a car, and handle the other demands of everyday life.

The problem isn’t lack of intelligence; it’s too much trust.  Most of us can trust the people we know to some extent.  We do business with companies we trust.  When we see an official-looking email that seems to be from one of those companies, a trust response is triggered.  So we don’t question the message.

Just so you know: the message looks official because someone is trying to fool you.  Your bank or credit-card company will never ask you for that kind of information in an email.  Here’s what you need to know:

  • Your bank already knows the information, so they won’t ask you for it

  • Don’t even bother reading messages like that – they’re not from your bank
  • Never respond to phishing or spam messages in any way
  • Just delete the message

If’n it don’t look right, don’t smell right, don’t feel right… ‘tain’t right!

Categories: Uncategorized