For reasons that are theorized – but not fully confirmed – human beings default-to-trust. In other words, it is more evolutionarily stable to trust someone in our inner circle than it is to begin from a place of distrust. We don’t always default-to-trust when we meet a stranger, especially if we’re in a new or uncomfortable environment, but when we are not under a perceived threat, almost all of us default-to-trust because the benefits of doing so outweigh the consequences of acting like a cynical, pessimistic jerk.
In real life, the default-to-trust strategy has stood the test of time. But, as evidenced by the incredible success of social engineering hacks, it is absolutely the wrong strategy for online life.
The recent socially-engineered Uber hack stands out as a perfect example. A worker believed they were being contacted by someone they could trust. So much so, that credentials were willingly shared. You know how the story ends.
Starting today, you should adopt two modes of operation: IRL and online. For IRL, you can do what works for you. Most of us know when to default-to-trust and when to adopt a defensive posture. However, when online, you must default-to-distrust. No one will ever be offended if you delete their email. If they are really your friends or potential customers or colleagues, they will reach out again. Either way, you’re safe.
Defaulting-to-distrust means not clicking on any links or attachments unless you requested them from the delivering party. No links, no memes, no attached funny movie files, no images, no PDFs… no clicking ever! No sharing passwords or credentials with anyone you don’t know personally – and never upon one request. (You should write back in a separate email to the person you believe is asking for your private or business info and have them confirm why they might need it; they never do, BTW.) Default-to-distrust means deleting emails without ever opening them if the preview doesn’t look right. Default-to-distrust means acting like a cynical, pessimistic jerk while online.
Clearly, this is not a natural way to approach our social interactions, but for safety’s sake, when online we must all default-to-distrust. The alternative is simply not evolutionarily stable.
Author’s note: This is not a sponsored post. I am the author of this article and it expresses my own opinions. I am not, nor is my company, receiving compensation for it.