A wise friend of mine told me a while back he does not like the word “idiot”, and I can understand why.
It’s used so frequently sometimes it’s almost immediately disregarded, but at the same time can be used in such a harsh manner it cuts us deep.

In my field I encounter many people that other techs would consider to be “idiots”.
I prefer to reserve that name as shorthand for “willfully ignorant”, not the uninformed.

People feel ashamed when they get compromised by a well crafted phishing scam, or get a virus while behaving online.
They feel like idiots.

Very few actually are though.

They are pit against hackers and groups that have spent an insane amount of time and experiments crafting more and more clever schemes to get you to give out your passwords, or download an Adobe or Java update that looks just so perfectly legit.
That doesn’t make you an idiot, that makes you a victim. And that’s OK.
There’s so much time consumed by IT staff all around the world just to keep up with this that the average user cannot, and should not, be expected to keep up 100%. Just the most common stuff at the time, and even then just knowing the basics can be a great defense.

If and when you’re compromised, please don’t run away, don’t hide your head in the sand and hope it’ll just go away. It rarely will, if ever.
Speak up immediately to your IT staff, IT support company, or anyone you think can help you.
Admit you made a mistake, or that you were casually browsing and mis-clicked, or that you just plain don’t know where it came from. It’s not uncommon for a legit site to be compromised and start handing out malware, or redirect you. Whatever you do, please tell the truth.
The more we know, the more we can help get you up and running, and try to stop this from happening again.

If on the other hand you let arrogance take over your judgement, behave recklessly, get compromised and blame someone else, then, you’re an idiot.