The most basic security rule
As we've seen time and again, the most basic rule of security is to remember that people are really gullible and numb. My favorite and latest case in point? People open spam if promised naked Angelina Jolie photos. How is an IT security guy supposed to combat that? Sure, you can filter lots of stuff out, and Postini-type services seem to work, but if one slips through the cracks, it's pretty clear that some jamoke is going to open that email. Is it really possible that someone you don't know would just randomly send you naked photos of some celebrity for your perusal? No. It's really not. Are you going to open it anyway, pathetic cube dweller? Yes. Yes you are. If it makes you males feel any better, the ninth most effective spam subject line promises naked pics of Brad. So women are gullible and desperate, too. So, it may seem stupid, but it's probably a good idea for security guys to post messages around the office like, "Hey, if you get an email promising naked photos of a celebrity, don't open it. Or you'll be fired." Why be subtle, right?