Phishing Dark Waters: The Offensive and Defensive Sides of Malicious Emails
by Robin Dreeke, Michele Fincher, Christopher Hadnagy
Chapter 1An Introduction to the Wild World of Phishing
Lana: Do you think this is some kind of a trap?
Archer: What? No, I don't think it's a trap! Although I never do …and it very often is.
—Archer, Season 4 Episode 13
Because we're going to be spending some time together, I feel I should start our relationship with an honest self-disclosure. Although I consider myself to be a reasonably smart person, I have made an inestimable number of stupid mistakes. Many of these started with me yelling, “Hey, watch this!” or thinking to myself, “I wonder what would happen if <insert dangerous/stupid situation here>.” But most often, my mistakes have come not from yelling challenges or thinking about possibilities but from not thinking at all. This absence of thinking typically has led to only one conclusion—taking an impulsive action. Scammers, criminals, and con men have clearly met me in a past life, because this is one of the key aspects that make them successful. Phishing in its various forms has become a high-profile attack vector used by these folks because it's a relatively easy way to reach others and get them to act without thinking.