One of my favorite podcasts is Reply All, a podcast about the internet. They recently produced an episode explaining how easy it is to get phished and how devious modern phishing techniques can be. It’s a fun episode, and teaches us the following things:
- You don’t need to be stupid to be phished. In this episode, several extremely skeptical professionals are phished successfully. A successful phishing can sometimes be more of a testament to the skill of the phisher than the gullibility of the phishee.
- If an email looks even slightly weird, triple check all aspects about it.
- If you find that you need to re-enter your two-factor authentication more times than usual, make sure the URL in your browser is correct.
- Don’t phish your coworkers, even as an educational experiment. It can only end in heartbreak and recriminations.