The Truth Trap

For reasons that are theorized – but not fully confirmed – human beings default-to-trust. In other words, it is more evolutionarily stable to trust someone in our inner circle than it is to begin from a place of distrust. We don’t always default-to-trust when we meet a stranger, especially if we’re in a new or uncomfortable environment, but when we are not under a perceived threat, almost all of us default-to-trust because the benefits of doing so outweigh the consequences of acting like a cynical, pessimistic jerk.

In real life, the default-to-trust strategy has stood the test of time. But, as evidenced by the incredible success of social engineering hacks, it is absolutely the wrong strategy for online life.

The recent socially-engineered Uber hack stands out as a perfect example. A worker believed they were being contacted by someone they could trust. So much so, that credentials were willingly shared. You know how the story ends.

Starting today, you should adopt two modes of operation: IRL and online. For IRL, you can do what works for you. Most of us know when to default-to-trust and when to adopt a defensive posture. However, when online, you must default-to-distrust. No one will ever be offended if you delete their email. If they are really your friends or potential customers or colleagues, they will reach out again. Either way, you’re safe.

Defaulting-to-distrust means not clicking on any links or attachments unless you requested them from the delivering party. No links, no memes, no attached funny movie files, no images, no PDFs… no clicking ever! No sharing passwords or credentials with anyone you don’t know personally – and never upon one request. (You should write back in a separate email to the person you believe is asking for your private or business info and have them confirm why they might need it; they never do, BTW.) Default-to-distrust means deleting emails without ever opening them if the preview doesn’t look right. Default-to-distrust means acting like a cynical, pessimistic jerk while online.

Clearly, this is not a natural way to approach our social interactions, but for safety’s sake, when online we must all default-to-distrust. The alternative is simply not evolutionarily stable.

Author’s note: This is not a sponsored post. I am the author of this article and it expresses my own opinions. I am not, nor is my company, receiving compensation for it.

About Shelly Palmer

Shelly Palmer is the Professor of Advanced Media in Residence at Syracuse University’s S.I. Newhouse School of Public Communications and CEO of The Palmer Group, a consulting practice that helps Fortune 500 companies with technology, media and marketing. Named LinkedIn’s “Top Voice in Technology,” he covers tech and business for Good Day New York, is a regular commentator on CNN and writes a popular daily business blog. He's a bestselling author, and the creator of the popular, free online course, Generative AI for Execs. Follow @shellypalmer or visit



PreviousWeb3 is B.S. NextIs the SEC Claiming That Ethereum Falls Under U.S. Jurisdiction?

Get Briefed Every Day!

Subscribe to my daily newsletter featuring current events and the top stories in technology, media, and marketing.