End user awareness training is still important. At one point in time everyone didn’t know how to type, let alone read and write. So education, and continuing education will always be important.
An IT department should be able to make it so even if a user clicks a link, gives away their password, and downloads something, the impact should be as minimal as possible. Maybe the user is locked out for half a day and needs to be issued a new computer before they can get back to work. But that is still less disruptive to automate locking them down and requiring manual intervention to unlock than a ransomware event.
I'm going to take a wild guess hoping you meant onions.
Shrek is long forgotten for me though I remember the web-based soundtrack player worked for quite a while longer than I expected after the movie website lost any real purpose. Many times it seemed scenes were written to tie in the popular music of the day, or maybe they just had a big licensing budget.
Also, someone got to shake hands of members of parliament, ministers, senators, governors, mayors, etc. took selfies with Gates, Malala, et al, and created 'content' for their LI profile, and are dubbed 'an influencer of security', and made it to some "30 under 30" list.
So yes.. :) a proper PR effort.
redman25•8mo ago
Not every phishing email can be caught before it reaches users and campaigns to raise user awareness I think are important.
beardedwizard•8mo ago
cmeacham98•8mo ago
Why not?
esseph•8mo ago
https://daniel.haxx.se/blog/2025/05/16/detecting-malicious-u...
Because deception is easy
x0x0•8mo ago
See also the campaign to make users competent sysadmins of their own devices.
Hell, I almost got got because the morons running our cell networks let anyone text and claim they're fedex. No reason to authenticate a thing like that. I was waiting for a delayed / lost package so it wasn't crazy that fedex would be texting me. If they'd used a better link forwarder domain I probably would have clicked.