How can marketing teams accidentally teach bad behavior (CTA mimicry)?
Marketing practices can normalize phishing patterns. "Click here immediately," urgent subject lines, and requests for account updates train recipients to comply with messages phishing might imitate.
Specific risks: using link shorteners (hides destinations), requesting credential entry through email links, creating urgency for marketing purposes, and sending from unfamiliar subdomains.
Better practices: avoid training users to click urgently, use recognizable sending domains, provide context rather than demanding immediate action, and consider how legitimate practices might be exploited by attackers.
Align marketing with security, not against it. Open an AI assistant with your question pre-loaded — just add your details and send.
Was this answer helpful?
Thanks for your feedback!