Do you know how to spot phishing attacks?

Three cognitive biases affect us all. Do you know what they are?

Cognitive tunnelling

Is this:

(a) a mental process we use to detect threats;

(b) a one-track focus on the urgent task at hand; or

(c) thinking how you might escape having to do an unpleasant task?

Affective heuristics

Is this:

(a) calculating the impact a potential phishing attack may pose;

(b) making decisions based on emotions instead of facts; or

(c) mentally evaluating who you think is your most pretentious colleague?

Authority bias

Is this:

(a) the desire to marry your first-born to a doctor or lawyer;

(b) instinctively trusting someone perceived to be in a position of power; or

(c) disliking anyone who has authority over you?

The correct answer to each question is (b). How many did you get right?

How to avoid falling into ‘bias’ traps

Refocus attention to counter urgency tactics

Scams rely on urgency or fear to distract us from scrutinizing the situation. Shifting your focus onto cues that don’t add up helps you manage attention biases. Step away from your device for a few seconds (a minute or two is even better) and go through verification steps (verify sender details, hover over enclosed links). Focus on facts to manage cognitive overload.

Regulate emotional triggers

Phishing attacks target our emotions first, and when your response matches the intensity of the manipulation, your thinking becomes reactive and rigid. A better response is to use affect labelling – consciously naming your emotions to see them as transient data points. This helps you regain emotional control and respond in a mindful way.

Check credibility

Most scams make unusual (and urgent) requests. Consult credible sources before acting on them. Simply asking yourself, “Why does this feel different?” can trigger your awareness and nudge you to verify with trusted sources. This credibility checking helps combat blind faith in authority, and reduces anxiety and ambiguity.

Establish transparent communication channels

Transparent communication channels throughout the organization empower employees to challenge questionable instructions and voice concerns freely. A workplace culture that encourages questioning, verification, and collaborative problem-solving helps builds resilience.