Security Awareness Training: Would You Get Duped by Attackers?
Kevin Haley, Director of Product Management, Security Technology and Response
What type of web site are you more likely to get infected with malware? A religious site or an adult site? If you’ve read Symantec’s Internet Security Threat Report, you know the answer. It’s religious sites. We discovered that a higher percentage of religious sites have been hacked into and loaded up with malware by the bad guys than adult sites.
We like to quiz people on this because it doesn’t meet expectations. Most people think that you’re more likely to get infected on an adult web site. The real message we try to convey is that any type of web site could infect you with malware.
Security professionals take care of the technical end of things to protect their end users. But end users can—and should learn how to protect themselves too. They don’t need to know how an “exploit” works. They simply need to recognize when the bad guys are trying to fool them. And this is where security professionals can further help train end users.
We can all do better in training end users to protect themselves against malware attacks. As part of Security Awareness Month, we did our part by putting together a presentation that helps end users—even those who work for security companies—to help them spot and avoid getting fooled by the bad guys. It’s fun and engaging. Even a security professional might learn a thing or two by tuning in.