Hackers know this and its what makes social engineering so powerful; it’s way easier to convince a user you’re from the IT department and that you need their password to fix a non-existent problem than it is to try to guess or crack that password.
Keep in mind that ignorance far outweighs evil intent when one of your users does something inappropriate such as visiting a suspicious website. That’s why policies help reduce the amount of mistakes or ill-advised actions.
Contact us to put your security policies in place today.