Posts

Phishing with emotion and stress results in bad choices

Recently on one of my personal sites, I received the below phishing attempt:

Phishing

I see a ton of phishing examples as part of PeopleSec’s Security Awareness Training and Education (SATE) program.  It is not often a phish in the wild catches my eye and looks like anything other than spam.  This email is an excellent example.  It causes stress that invokes an emotional reaction which in turn solicits an emotional response.

“Emotions can cloud our judgment and influence our decisions when triggered by the [stressful] situation at hand,” stated by Harvard Business Review (https://hbr.org/2015/05/dont-let-emotions-screw-up-your-decisions).

Emotional responses are at the core of successful social engineering and phishing attacks.  As an aside, the success of emotional responses is why we use so many of them in PeopleSec’s SATE program.

In summary, it is hard to keep emotions in check, and they cloud your ability to think.  So when you are stressed and emotional, Think Before You Click.