Are Phishing Assessments Really a Thing?
By now, you've probably heard that some organizations are using simulated phishing attacks on their employees. Is this a smart thing to do, or is it just the security team trying to scare people?
Filling up employees' inboxes with even more malicious email may just sound cruel. But there's a very good reason for doing this.
Google is offering an innovative messaging product called Allo to compete with other mobile messaging apps. It has features like suggesting responses to messages from your friends, to save you time. But to do this, it needs access to all of the message content. On the other hand, you will have an option to turn on end-to-end encryption, which uses the secure SIGNAL protocol... On the other hand, if you do turn on the end-to-end encryption feature, you won't get the "sizzle" features like the message reply suggestions. So, let's just be clear about privacy versus convenience.
If you think companies you trust have good security practices for authenticating their customers in phone support calls, you may be right. But the security of call-centre support processes is becoming a serious issue. Every call-centre rep is human, and humans respond to emotional situations in different ways. This is what many attackers are learning to exploit.