The phrase “practicing safe hex” is a pun on the more obvious phrase having to do with morality and the avoidance of deadly diseases. The term came up at work one day about ten years ago when one of my engineers, Scott, blurted out the phrase during a conversation about our end users’ propensity to open spam e-mails and visit untoward websites.
Our users knew little about good Internet hygiene, but do today’s users know any better? Barely. They still open spam, they still visit websites cited in spam, and people are more gullible than ever when it comes to phishing and pharming.
Awareness training isn’t working, and it hasn’t worked well, ever. Technical controls can’t block all of the noise, nor protect people from themselves. Despite the best intentions, PC’s still do their masters’ bidding, even when that means running into trouble in the Internet’s back alleys where the hoodlums hang out and victimize the vulnerable.