Who (in their right mind) would like to appear as the corporate dunce who infected their company network (by clicking on an email attachment or url)? Not you, not me, and certainly not the PR department or the company CEO’s administrative assistant, or even the CEO himself.
Phishing is an activity that cybercriminals utilize to acquire personal and sensitive information. Whether it is an account username and password, credit card details, a social security number, or other personal data — it is designed to coax you into giving up your personal information for criminal gain. For those of us who have been unfortunate enough to click on a deceptive phishing link or email attachment, it is an event that most of us would probably rather forget.
Phishing it up
Most of us are aware that if an email arrives unsolicited and includes grammatical errors, we should just delete it and continue on with our day. Not all phishing emails contain bad grammar, unsolicited attachments, or immediately request sensitive information. Last summer I received an email that appeared quite genuine, so genuine in fact — that I almost became victim to a very clever phishing scheme.