Cybercriminals are regularly presented as twisted geniuses by the popular media, beavering away in dank basements constructing the latest malware to mess up critical national infrastructure or honing code to break into bank accounts and steal millions.
The truth is, of course, often somewhat less dramatic. The simple truth is that you don’t need to build a sophisticated attack to trick the typical computer users into clicking on a dangerous link or attachment. You just need to dress it up as something alluring (a naked video of Natalie Portman or a bill for an air ticket you never purchased would probably do the job, for instance)
And sometimes, you just need to ask users a question with a straight enough face. If you’re bold and brazen enough, you might just get away with it.
Take this elementary phishing attack that was seen by a Naked Security reader late last week, for instance.
Yes, there are typos and inconsistencies in the way that words are spelt in the email, and…
Read more in my article on the Naked Security website.
Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.