Phishing attacks are simple exploits, but they’re also devastating. TechRepublic’s Dan Patterson met with Oren Falkowitz, CEO of Area 1 Security to discuss why it’s challenging to eradicate these simple hacks.

“Phishing attacks really rely on one key element and that is authenticity,” Falkowitz said. It lures on the inevitability of users who think they’re doing the right thing for their job or their lives, such as replying to emails from their CEO, or other trusted senders.

SEE: Cybersecurity in an IoT and mobile world (free PDF) (ZDNet/TechRepublic special report)

These attacks are primarily distributed via email. It can come in the form of an email with malicious links or an email with a malicious attachment, or it can even have no links or attachments but ask the reader for confidential information.

While it’s important for individuals to be aware of the risks associated with phishing, it’s also important to not put the blame on the individual for the damage done by the attack, he said. “We need technology to step in to protect users,” he said.

“More often than not we need technologies to be making decisions and taking actions to protect the individuals, the organizations they work with, and increasingly the data those organizations protect,” he added.