Why "Just Be Careful" Is Not a Strategy
This is a member-only chapter. Log in with your Signal Over Noise membership email to continue.
Log in to readModule 1 · Section 4 of 6
Why “Just Be Careful” Is Not a Strategy
The standard advice — “don’t click suspicious links,” “verify before you send money” — was built for a threat landscape that no longer exists. It assumed that attacks would be detectable by the same humans they targeted.
That assumption is broken. Research from 2024 found that humans correctly identify deepfake voices only 54% of the time — essentially a coin flip. The best commercial video deepfake detectors achieve 78% accuracy on real-world examples. Your intuition, which was developed to detect human deception, is not calibrated for synthetic media produced by models trained on millions of examples.
Multi-factor authentication, which was supposed to be the definitive fix for account takeover, has the same problem: 84% of compromised accounts in documented 2024 incidents had MFA enabled. Attackers have developed sophisticated bypass techniques — tools like EvilProxy generate over a million MFA bypass attempts monthly according to Proofpoint.
None of this means you are helpless. It means the tools need to change alongside the threat. Understanding how these attacks work is the first step, because you cannot defend against something you cannot recognise.