Here’s the thing: I thought that phishers set their sights on a certain kind of naive person, someone who hadn’t heard all the warnings, hadn’t learned to be wary of their attacks. I thought that the reason that phishers sent out millions of IMs and e-mails and other messages was to find those naifs and ensnare them.
But I’m not one of those naifs. I’d never been tricked, even for a second, by one of those phishing messages.
Here’s how I got fooled.
He clicked a link, and didn’t look at the domain before entering his password.