---
title: "A Big Part of the Phishing Problem is You | Phish Protection"
description: "The days of a hacker sitting alone at their computer screen in a dark room probing for network vulnerabilities is a thing of the past. That"
image: "https://phishprotection.com/og/blog/a-big-part-of-the-phishing-problem-is-you.png"
canonical: "https://phishprotection.com/blog/a-big-part-of-the-phishing-problem-is-you/"
---

Quick Answer

The days of a hacker sitting alone at their computer screen in a dark room probing for network vulnerabilities is a thing of the past. That's too much work. \_To penetrate networks today, hackers almost always enlist the help of an inside accomplice: you\_.

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fa-big-part-of-the-phishing-problem-is-you%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=A%20Big%20Part%20of%20the%20Phishing%20Problem%20is%20You&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fa-big-part-of-the-phishing-problem-is-you%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fa-big-part-of-the-phishing-problem-is-you%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fa-big-part-of-the-phishing-problem-is-you%2F&title=A%20Big%20Part%20of%20the%20Phishing%20Problem%20is%20You "Share on Reddit") [ ](mailto:?subject=A%20Big%20Part%20of%20the%20Phishing%20Problem%20is%20You&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fa-big-part-of-the-phishing-problem-is-you%2F "Share via Email") 

![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2019/09/phishing-definition-7787.jpg) 

The days of a hacker sitting alone at their computer screen in a dark room probing for network vulnerabilities is a thing of the past. That’s too much work. _To penetrate networks today, hackers almost always enlist the help of an inside accomplice: you_.

What hackers have discovered over the years is that it’s much easier to get unsuspecting humans to help them in their endeavour. This was confirmed by research and published in [Proofpoint’s Human Factors Report 2019](https://www.proofpoint.com/sites/default/files/gtd-pfpt-us-r-human-factor-2019%5F0.pdf). From the report, “_Over **99% of emails** distributing malware required human intervention_ \- following links, opening documents, accepting security warnings, and other behaviors - for them to be effective.”

![Phishing definition](https://media.mailhop.org/phishprotection/images/2019/09/phishing-definition-7787.jpg) 

Following up on that, an [article on Dark Reading](https://www.darkreading.com/cloud/more-than-99--of-cyberattacks-need-victims-help/d/d-id/1335769?%5Fmc=NL%5FDR%5FEDT%5FDR%5Fweekly%5F20190912&cid=NL%5FDR%5FEDT%5FDR%5Fweekly%5F20190912&elq%5Fmid=92928&elq%5Fcid=28171904) stated, “_Most cybercriminals target people, not infrastructure_: More than 99% of **emails distributing malware** from 2018 to 2019 required human interaction. Instead of targeting systems, criminals focus on people, their roles, and data they can access.”

Continuing from the report, “Regardless of the means of attack - email, cloud applications, the web, social media, or other vectors - threat actors repeatedly demonstrated the effectiveness of the **social engineering** tactics that convinced victims to click malicious links, download unsafe files, install malware, transfer funds, and disclose sensitive information at scale. Whether financially motivated or state-sponsored, _attackers all had one thing in common: an understanding of and a willingness to take advantage of the human factor_.”

You - you’re the problem. Ironically though, you’re not the solution. Perhaps you think that if you could just train your people enough to stop falling for all these exploits, the problem would go away. You already know the answer, don’t you?

![Phishing prevention](https://media.mailhop.org/phishprotection/images/2019/09/phishing-prevention-7788.jpg) 

The problem is we’re human, and so far, there just isn’t any cure for that. You can expect hackers to continue to exploit the weakest link in the security chain. So, while **security awareness training** is something every organization should invest in, it will never be enough. Companies are still going to need another line of [threat defense](/products/advanced-threat-defense/) when the humans that work there insist on being human.

That other line of defense is [cloud-based email security](/) with real-time link click protection. For those times when people do what people do, help malware along.

## Topics

[ Phishing Awareness ](/tags/phishing-awareness/) 

![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) 

[ Brad Slavin ](/authors/brad-slavin/) 

General Manager

Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base.

[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) 

## Protect your inbox from phishing attacks

Real-time email security with 60-day free trial. No credit card required.

[Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) 

## Related Articles

[  Foundational 5m  0ktapus, Okta Breach Helps Attackers Launch Sophisticated Supply Chain Attacks  Sep 5, 2022 ](/blog/0ktapus-okta-breach-helps-attackers-launch-sophisticated-supply-chain-attacks/)[  Foundational 14m  12 Real-World Spear Phishing Examples And The Red Flags You Missed  Feb 4, 2026 ](/blog/12-real-world-spear-phishing-examples-and-the-red-flags-you-missed/)[  Foundational 2m  8 million Android users fell prey to SpyLoan malware on Google Play Store  Dec 5, 2024 ](/blog/8-million-android-users-fell-prey-to-spyloan-malware-on-google-play-store/)[  Foundational 4m  A Brief Email Security & Phishing Safety Guide, Useful for IT and Email Administrators  Apr 1, 2021 ](/blog/a-brief-email-security-and-phishing-safety-guide-useful-for-it-and-email-administrators/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"A Big Part of the Phishing Problem is You","description":"The days of a hacker sitting alone at their computer screen in a dark room probing for network vulnerabilities is a thing of the past. That's too much work.","url":"https://phishprotection.com/blog/a-big-part-of-the-phishing-problem-is-you/","datePublished":"2019-09-17T06:59:51.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2019-09-17T06:59:51.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/a-big-part-of-the-phishing-problem-is-you/"},"articleSection":"foundational","keywords":"Phishing Awareness","wordCount":368,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2019/09/phishing-definition-7787.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Foundational","item":"https://phishprotection.com/foundational/"},{"@type":"ListItem","position":4,"name":"A Big Part of the Phishing Problem is You","item":"https://phishprotection.com/blog/a-big-part-of-the-phishing-problem-is-you/"}]}
```