Common sense won't protect when the website into which you are entering things like Credit card info has been hacked, nor will it save one when Server FTP credentials have been compromised so that the normally safe download isn't that safe anymore.
Common sense also doesn't protect when the IT guys at your favorite website turn out to be dummies. Case in point here is the recent Target breach. Even though those Target IT "professionals" received numerous alerts from Symantec Endpoint as well as FireEye (and I've personally seen the FireEye logs and they go on FOREVER), they informed those monitoring that all were False alerts and should be disregarded.
Whom the Gods would destroy they first make Proud.
Well yes, you do have a valid point here, but you are also wrong.
First of all, the website that accepts credit cards should have taken proper security and their IT staff should have made sure that the web page is hardened and not just a simple SSL and HTTPS layer.
Sure, nothing on the planet is 100% hack free, but if I take ABN Amro bank (Netherlands) as an example, they got hacked and the web page automatically closed itself and made sure that no private details could have been harvested. So even if you wanted to use the web page to do your online payment, it would be impossible during the hack.
So it's certainly not impossible to be sharp security wise.
Most so-called IT professionals have been stuck in the late 90's and base their knowledge on a rather old mainstream idea.
Now do not get me wrong, I am not saying they are not educated and neither am I saying that they are dumb.
What I am saying is some of those IT guys have become a danger to their own security because they know so much about it and assume that it will be alright; after all, they have not been hacked for years.
However the new generation of IT professionals are more dynamic instead of the static behavior displayed by the older generation.
Also, in today's world the IT standards have changed so much that the older generation just cannot match fresh IT guys.
I see this every day across our clients. So common sense really does work and really does have a large impact in your everyday computer habits, and if used wisely it will outperform your security software pretty easily.
If a person sticks with trusted web pages then the odds that he is going to be hacked or infected are slim to none.
As for the FTP credentials, yes, people are sloppy with them. However, if I am looking within my own company and job, I cannot see those credentials being a security leak, as I could give them right now to you and you would not be able to log in, for the plain and simple reason that your MAC and IP + USER / PASS and Key-code are locked to our computers.
So a computer outside the authorization list just cannot communicate with the network in the first place.
And with common sense and some computer skills you can actually set your local FTP client to bind the account to your PC, so if your friend steals the code he would not be able to login and you can do that server side as well.
So here comes common sense and basic computer practices into play again because you as a user do have at least a solid base line security on your PC which would significantly reduce the odds that someone is snooping your details in the first place.
Bottom line is:
1. People want no hassle + great user friendliness
2. Everything needs to be automatic
3. Must be able to do it all
4. Do not want to spend time understanding it
5. Do not care about their computer and software because after all it runs
6. People want performance and cheap & free 1000% hack proof products
And I can continue the list...
There is just no such thing and it all comes at the cost of security and reliability.
So I venture to say that if 10 people here would participate in a test (yes, I will make a test if you guys want) and you follow the test to the letter, then I guarantee that the odds that they will get infected (even when they try it manually) will be at least 70% lower.
And it's nothing fancy, it's just common sense. So here is the deal: I will make a test if 10 people ask me.
Then you all can see what I am talking about... and then those who argue common sense and browser habits can have a go.
How does that sound?