cybersecurity

5121 readers

13 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Be kind
Limit promotional activities
Non-cybersecurity posts should be redirected to other communities within infosec.pub.

Enjoy!

founded 2 years ago

MODERATORS

shellsharks

tweedge

174

Study concludes cybersecurity training doesn’t work (www.kpbs.org)

submitted 3 days ago by cm0002 to c/cybersecurity

48 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] xxce2AAb@feddit.dk 42 points 3 days ago (2 children)

That's a shame, although I unfortunately have no problem believe that's the case in general. I still personally benefit from the social engineering resistance training I've had over the years to this day though.

[–] bamboo@lemmy.blahaj.zone 24 points 3 days ago* (last edited 3 days ago) (1 children)

I still personally benefit from the social engineering resistance training I’ve had over the years to this day though.

Me too, I use it to get out of situations I don't want to deal with. "Ohh you're calling me asking for PII? Sorry, i can't provide that information unless I initiate the conversation. I'll call the number I have on file for you to provide that."

[–] xxce2AAb@feddit.dk 15 points 3 days ago* (last edited 3 days ago)

That's the spirit! "I'm not at liberty to provide that information" is one of my favorite sentences.

[–] stinky@redlemmy.com 21 points 3 days ago (3 children)

My toxic trait is believing that not answering the phone from unknown numbers is protecting myself from outside attackers

[–] xxce2AAb@feddit.dk 12 points 3 days ago* (last edited 3 days ago) (1 children)

It might be rudimentary, but I wouldn't say you're wrong.

Alternatively, pick up but answer the phone only with the word "Yes?", "Speak" or "You may proceed" (preceded by 'this line is now secure').

Then, when they ask "who is this?" answer that "if you don't know, you have the wrong number" and that "this call is currently being traced, pending review of a 'military tribunal'."

Do this with the flattest intonation you can manage.

That tends to get to them.

[–] Goretantath@lemmy.world 11 points 3 days ago (1 children)

Nah, there's AI that can clone your voice from a single word, not answering is the safest.

[–] xxce2AAb@feddit.dk 7 points 3 days ago

Point. Silence is good too.

[–] qweertz@programming.dev 4 points 2 days ago* (last edited 2 days ago)

My SIM provider has the option to not even route unknown callers to my device. Not that I get any, but just in case, even if it is not that common in Germany.

What some family of mine had to go through was social engineering harassment calls with some BS reasoning to get them to say "Yes"/"I agree" or something like that

[–] WanderingThoughts@europe.pub 4 points 3 days ago

Recently there were recruiters on LinkedIn freaking out that when they called someone, they would answer with "Hello?" and the recruiter thinks they're too good to be greeted with that.