Guy Dixon of The Globe and Mail writes:
That message from an Eastern European stranger who would like to make your acquaintance is obviously bogus.
So is that random PayPal notice. Yet the e-mail from a manager at your company, authorizing a money transfer, could just as easily be the work of criminals, too.
“The problem is that you can’t stop it fully because the bad guys are relying on the human factor. You’re dealing with psychology,” Mr. Tobok said.
Also, employees may wait to fess up whenever they think they might have clicked on something nefarious, but an immediate response is crucial. “Those five, 10, 30 minutes are critical to potentially contain whatever they clicked on,” Mr. Tobok said.