by everydaypanos 1297 days ago
> Your non-technical family members and friends will likely fall for these at some point. For their sake, disable them.

As the famous proverb says "give a man a fish and you feed him for a day; teach a man to fish and you feed him for a lifetime". The best way to "fix" phishing attacks and malware is by making people more "technical". The only way to eliminate these phenomena is by educating people about what a Push Notification really is and that you simply don't have to click it.

The Web needs to be a competitive platform for apps next to the closed and "gated" App Stores. I think that we should not dumb down web browsers to simple page viewers.

5 comments

I've been around the tech world for a few decades. This sentiment has often been repeated about things like this, but I no longer believe that it's viable. The tech world is just too fast-moving, which means there's not really any such thing as "education". If you manage to teach someone something, it'll probably be out of date in a year or two, if not less. You have to pay attention to the latest trends all the time to really be knowledgeable about it. That just isn't going to happen.

> The best way to "fix" phishing attacks and malware is by making people more "technical".

I've been trying to do this for 25 years. It has yet to be successful. Especially since the vectors of attack change constantly.

> The Web needs to be a competitive platform for apps next to the closed and "gated" App Stores. I think that we should not dumb down web browsers to simple page viewers.

Disagree 100%. With native(ish) apps at least I can do things like block internet access if I don't want them to "phone home". I can also downgrade (or not upgrade) them if they push regressive "updates". Web apps take all control away from the user. We need ways of running whatever we want on mobile. But using web apps as a workaround is a cure that's worse than the disease.

I've managed to get my parents to be suspicious about emails and phone calls, to forward me anything they're unsure of, to reply to any communications purporting to be from their financial institutions by calling back with the number on their card or statement, to install updates as soon as they become available, to use unique passwords for everything and so on... but I still regularly find malicious extensions installed on their browsers and homepages set to some fake version of Google.

I continue to try to educate, but nowadays I make sure they always have ad blockers installed (I believe most of the tricks they fall for stem from malicious ads) and I try to lock things down and disable features where it makes sense. I dislike the locked-down world of iOS and what has become of macOS, but I appreciate having it for devices they use. This is part of my job, I think about this stuff every day and I still worry I can't keep up, so I can't really expect the same from them.

Many people are not ever going to ‘be more technical.’

Any plan now and going forward has to take this reality into account. Not blame the victim.

Yes, that was a pretty outlandish suggestion.
How has that worked out for the past four decades?