Interruptions put us in a vulnerable state for cyber scams. We are programmed to “DO things” rather than “NOT do things”. Getting the job done is important, but at what cost?
The key reason we are tricked by phishing and cyber scams is that we’re trying to do our primary job.
Think of jobs like:
When an email or phone call is received, it is an interruption (sometimes welcomed) that demands our attention. We feel compelled to handle the interruption and get back to the main task quickly, to be productive.
So, when something is a little out of the ordinary in those interruptions, we are already in a distracted state. Being ready to deal with a potential threat at that point is difficult, especially one that may take us into another context.
Photo by Chelsea Gates on Unsplash
“The challenges were so quick I was able to do them in the time it took me to sip an espresso.” – IT Security Manager
For example, we may need to do an additional authentication check, like emailing or texting the person claiming to be the sender. We convince ourselves that it’s unlikely that this message could actually a threat, so we can get back to the task at hand.
We need to slow down when we are interrupted, so we can take the time to process those inquiries properly. One way to do that is to set aside times during the day for processing email and calls, such as 9am and 1pm. Then we can be focused on handling inquiries properly and safely.
Rushing to clear an interruption is risky these days.
Scott Wright is CEO of Click Armor, the gamified simulation platform that helps businesses avoid breaches by engaging employees to improve their proficiency in making decisions for cyber security risk and corporate compliance. He has over 20 years of cyber security coaching experience and was creator of the Honey Stick Project for Smartphones as a demonstration in measuring human vulnerabilities.