by pevey 1101 days ago
The “glitch” in most ransomware and AP fraud attacks is an employee clicking on something or believing something they shouldn’t have. LinkedIn facilitates this, because it makes it easy to understand the org chart of a company and target newer employees with urgent, personalized requests from the “CEO.” One person at a place where I recently worked actually fell for it and was at a store buying a SECOND round of gift cards with his company card before he finally got a twinge and pinged someone to see if—perhaps—this might not be legit.

Training can only do so much. People have no attention span these days, and all warnings go in one ear and out the other, even if they are well-intentioned people (as this employee was).

1 comments

At this point I'm baffled that the entire world doesn't know that if somebody is asking you to buy them gift cards, you're being ripped off.

Do we need to legislate having big "FRAUD WARNING" signs on every gift card display, just like we need "do not use in bathtub" labels on hair dryers?

Tales from infosec...

Also the number of highly compensated tech workers who pirate software on the job. Guys, do not pirate shit at work!

Also: Companies, buy your employees software! It is super hard to talk an employer into spending money on software for productivity.

> Do we need to legislate having big "FRAUD WARNING" signs on every gift card display, just like we need "do not use in bathtub" labels on hair dryers?

The market has provided these without legislation, at least near me.