Telling users to ‘avoid clicking bad links’ still isn’t working

Why organisations should avoid ‘blame and fear’, and instead use technical measures to manage the threat from phishing.

Source:: NCSC Guidance