Just wondered how others promote threat awareness for friends, family, co-workers, and clients.
Every few weeks I email a half dozen employees & family members explaining one or other phishing attempt I’ve seen, just to keep it in peoples minds.
I heard someone else talking about a kind of email pen-testing service you can sign up for and they send scammy emails to see if the recipient falls for it. Seems like a great idea but only viable for me if it’s very cheap.
I could link to something on privacyguides.org in my email footer but I think that’s just virtue signalling more than anything actually useful.
10-15 minute brownbag sessions. People won’t be bothered to read privacy guides links you send them. Bribe them with food. Try to get them all together somewhere with the promise of some snacks/drinks then have an interactive session about what you want to discuss. Don’t make it a lecture, make it like a casual conversation. Pick a topic and start with a real life event that happened that may directly affect them (i.e. the recent ssn breach). That will get them engaged.
Every scam ends up on the news. I doubt if we can warn a wider audience than that.
It’s not really about reaching a wide audience, but about actually supporting the people I care about.
I don’t think even my elderly parents watch “news” anymore, and their main threat is vanilla type phishing emails.