We’ve had meetings spelling out to users what they should look for in a suspicious email. Then, once a week we would send out an email that was either legitimate or suspicious. We would ask them to look closely at the email and mark down on the questionnaire whether the email was suspicious or legitimate. A not insignificant number of people failed the test every week. Your average user just isn’t equipped with the mindset they need to be safe on the internet.
We’ve had meetings spelling out to users what they should look for in a suspicious email. Then, once a week we would send out an email that was either legitimate or suspicious. We would ask them to look closely at the email and mark down on the questionnaire whether the email was suspicious or legitimate. A not insignificant number of people failed the test every week. Your average user just isn’t equipped with the mindset they need to be safe on the internet.
That is a completely different issue from “not having privacy at all” though.