Phishing and the 8 Types of Email User

Secure Click News Phishing and the 8 Types of Email User

Phishing and the 8 Types of Email User





Curious Cat
This user exhibits insatiable curiosity and is often tempted to click on unknown URLs and email attachments. It might only take the lure of one enticing email for them to eventually click. This category of user will even dive into their spam or quarantined folder to fish out interesting looking emails just to satisfy their curiosity.
Risk Rating: Medium to High



The Egomaniac
Any lure that involves themselves or their ego poses a risk. Emails with lures such as “picture of you at party” or “you look great in this photo” can act like novocaine to their rational judgement.
Risk Rating: Medium



The Pattern-Matcher
This canny user is keenly aware of email patterns used by bona fide senders. In fact, it’s almost as if their brain has an in-built heuristic scanner for any email anomalies. Their suspicions are triggered by even small things, like un unusual email salutation or something that feels slightly “off”. As a result, any attachments or URLs will remain unopened. If an email arrives from an unexpected source, it will remain unopened no matter how enticing the lure. This user works slowly but fastidiously. Their brain operates as a very efficient mental brake by default, controlling any hasty actions.
Risk Profile: Low



The Eager-to-Please Rookie
They have just joined your organisation and are eager to make a big impression on their new colleagues and management. This type of email user can provide fertile ground for social engineers, however, as they are not yet au fait with the organisation’s work processes and don’t want to upset anybody. If they are working in a financial role, an email purporting to be from upper management to make a bank transfer can be dangerous, as can a request from “technical support” for login credentials for “essential maintenance”.  They can be receptive to inferences from social engineers that it is the ‘norm’ within their organisation to comply with their request.
Risk Rating: Medium



The Eager Beaver
The Eager Beaver email user is an uber-competitive employee who will do almost anything to get ahead. However, their greatest strength can also be their greatest weakness. When social engineers send them attachments or URL links pertaining to “performance reviews”, an “annual bonus” or “remuneration increases”, their strong competitive instincts can override their rational judgement and, as a result, they pose a clicking risk.
Risk Rating: Medium


The “I don’t know a lot” user
They readily admit they don’t know a lot about computers and are generally honest, calm and patient. If they suspect something is fishy about an email, they simply don’t open it or take appropriate action to assuage any doubts. This user has nothing to prove. Their calm demeanour, self-awareness and honesty all serve them well. Ironically, they are one of the safest categories of email user.
Risk Rating: Low


 
The Multi-Tasking Ninja
This user prides themselves on their multi-tasking skills. They can handle phone calls, PowerPoint presentations, RFPs, emails and will even manage some cheeky peeks at their favourite social media sites, and take it all in their stride. This works well most of the time, but if a cyber-criminal catches a busy Ninja on automatic pilot, it can easily result in a ransomware virus, spyware laden email attachment or URL getting inadvertently opened.
Risk Rating: Medium


The Repeat Offender

This user is already known to the IT department. They’ve had near misses before, they’ve repeatedly flunked phishing simulations and are adamant that IT is not their responsibility.
Risk Rating: Deadly
 


Got a question?

If you would like to make an enquiry about any of our services click the "Contact Us Now" button and fill in your details.