Reddit says: “As we all know, humans are often the weakest part of the security chain.”
Other than this being a trite phrase and a cheap excuse, it also probably doesn’t make the victim of the phishing attack feel better.
Maybe one day we'll stop blaming the victim in infosec...one day.
@lorenzofb OTOH, people /are/ the weak point in the chain. You, I, that genius down the street - we're all going to make dumb mistakes and probably already have.
Pointing out where the weak link is doesn't necessarily involve victim blaming. We should be designing in protection for the dumb mistakes people make.
Lorenzo Franceschi-Bicchierai
Grumpy Grimnir 