Did you know that 30% of all phishing emails are opened, and 12% of the malicious links in those emails are successful in finding a target? Or that the average phishing attack on a medium-sized business can cause $1.6 million in damages? I didn’t until I watched the above video from The Modern Rogue, a blog and YouTube channel by magician Brian Brushwood and writer Jason Murphy, and it’s a handy reminder to be wary any email that asks for your personal information.
If you don’t know what phishing is, no, it has nothing to do with the Vermont-based jam band. It’s the act of sending out emails to unsuspecting marks like one would cast a line out into a pond to catch a fish. The lure in this case is an email which looks legitimate and is crafted to instill a sense of urgency – a warning that your password has been reset, or that your bank account might be compromised. The hope is that the email looks real enough and you are so caught off guard that you click the link inside, inevitably handing over whatever personal information the phisher desires.
It’s different from 419 scams (aka, The Nigerian Prince scam, which The Modern Rogue also covered) because phishers are often trying abuse your trust by using social engineering tricks and posing as people or businesses that you trust.
The video is a crash course in how phishers try to bait you, offering advice on how best to avoid getting phished yourself as well as a brief glimpse at some of the tools that are often used to keep scammers from getting caught. If you spend any amount of time on the internet, you owe it to yourself to give it a watch, especially if you think something like this could never happen to you. Like Brian says in the video, it’s as true in magic as it is online: the people who think they can never get fooled are the ones who end up becoming the easiest targets.