Opinion: There is no shame in being hacked

Accusing phishing victims of being gullible is malicious and counterproductive. Instead, help should be offered, says Ronald Eikenberg.

Online criminals on the one hand and legitimate companies and banks on the other are getting closer and closer to each other, at least in terms of the quality of their emails. This is mainly because even moderately talented crooks are now using AI to formulate convincing letters in perfect business German.

An opinion by Ronald Eikenberg

Ronald Eikenberg has been writing about IT security as an editor for c't magazine since 2008 and is a member of the investigative team.

Much more problematic, however, is the fact that genuine emails often look so suspicious that people are inclined to think they are phishing, for example because they lack a personal salutation. This in turn leads to online scammers being given more of a pass.

The situation is even trickier with calls: the cell phone rings at the most inopportune moments and you are forced to decide immediately whether you trust the caller or not. Text messages are no less dangerous if you happen to receive a fake text message about a delayed DHL or Hermes parcel just when you are eagerly awaiting a delivery.

Even those who are generally aware of the dangers of such social engineering scams are not immune to being caught out by an email, text message or phone call from cyber gangs. This has nothing to do with gullibility or stupidity, but with the fact that you cannot always be on guard.

That's why it's completely inappropriate to point the finger at the victims or blame them, for example when the colleague at the desk opposite has caught a virus or your mother-in-law has entrusted her data to a phishing website. Gloating only leads to those affected, who are already embarrassed by the situation, preferring not to tell anyone about it next time. And that can have even more fatal consequences.

The only right way to deal with this is to offer your help to those affected, both in repairing the damage that has already been done and in the future. Agree on a few basic security rules, such as checking suspicious emails and the like together. Because only together can we stand up to malicious phishing attacks and thoughtless company emails.

(rei)

This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.