This week I am hammered by a lot of spam messages on my Facebook page. I was sure those were from my lovely friends clicking on malicious links on their own page. I eventually posted a note and asking them to 'stop and think' before clicking on inviting links. A colleague responded and reminded me law #4 of Malcolm Harkins' Five Irrefutable Laws of Information Security - Users wants to click. It suddenly dawned on me that Malcolm's insight was so true. Fortunately, I'm still proud to say that I haven't fall as a victim of the malicious links and spamming my friends yet. Some of those inviting links I encountered were obviously macilious. However, some were on the border line of being legitimate. I had to hold my urge to click. Of course, some of them proved to be bad ones, too, after my friends clicked on them.
Here are the 5 laws from Malcolm. You can find them from Intel IT's whitepaper on Rethinking Information Security to Improve Business Agility.
Under the new connected, always on, and social internet age, how are you, or in fact, how should we all respond to the new paradigm and new kinds of information security risks? In my recent experience, the user is still the weakness link.