"A Cybersecurity Researcher Explains How To Trust Your Instincts To Foil Phishing Attacks"
Phishing emails try to trick people into doing things they would not normally do, such as transferring money, running malicious programs, sharing their password, and more. Cybersecurity professionals often blame people for not noticing that phishing emails are fraudulent. However, Rick Walsh, a cybersecurity researcher at Michigan State University, suggests that most people nearly have the same skills as computer security experts in regard to recognizing fake emails, but they do not trust their own instincts enough. In an earlier study, Walsh found that cybersecurity experts, like most people, initially assumed a phishing email was real. As they read the phishing email message, they started to notice small irregularities such as typos or things like a bank providing account information in a message instead of alerting the recipient to access the information in the bank's secure messaging system. He discovered that these signs were not enough for the cybersecurity experts to figure out a phishing email was fake. They did not become suspicious until they found something in the message that reminded them of phishing, such as text aimed at getting them to click a link. When Walsh interviewed people without experience in computer science, he found that they had a similar process to that of the experts, which involved noticing things in the email that seemed weird and becoming uncomfortable. The challenge for most people was remembering that phishing exists and could impact them. Recognizing phishing attacks might explain the strange things contained by phishing messages, further emphasizing the importance of increasing phishing awareness among the public. This article continues to discuss the differences between cybersecurity experts and non-experts in recognizing phishing, and how to help people trust their instincts to avoid such attacks.