We have all been cautioned so often about the risks of opening malware-infected email attachments, or clicking on fraudulent links embedded in an email, we can become desensitized to the actual danger. We think "surely, in this day and time, after so many warnings and notices no one would fall for such a ruse. Certainly not me." To the contrary, people still do. Just last month the ringleader of a five person cybercrime gang was arrested in Spain. The gang had targeted over 100 financial institutions around the world, gaining access to the banks' internal databases and systems through malware-infected spear phishing emails sent to the banks' employees. The gangsters were not only able to electronically transfer money into their own accounts, they managed to program ATMs to spit out cash on demand (ironically referred to as "jackpotting"). Over the past few years the five gang members caused more than $1 billion (yes, billion) in losses.
Phishing email schemes may be dismissed as old school, unsophisticated, and pedestrian. However, as long as phish take the bait, and low tech yields high returns, the schemes will continue.
Heed these wise words from Benjamin Franklin: "Distrust and caution are the parents of security."