A little phishing knowledge may be a dangerous thing

From theregister.co.uk

Image by Arak Rattanawijittakorn http://www.shutterstock.com/gallery-2364116p1.html

Phishing works more frequently on those who understand what social engineering is than on those who live in blissful ignorance, or so a studyof students at University of Maryland, Baltimore County suggests.

Citing IBM data suggesting human error is a factor in 95 per cent of security incidents, researchers from the school’s department of computer science and electrical engineering conducted a phishing test to assess the relationship between demographic factors and susceptibility to phishing.

(The Register is having trouble imagining how humans wouldn’t be involved in most security incidents since even automated systems get set up by someone at some point.)

Read more…