This was going to be a “weekend read” but I thought it was important enough to be part of the main news feed.
For an email phishing scam to work it has to, in some way, make you trust it. This exploitation of your trust is called social engineering and it is is favourite attack vector for threat actors.
Here is an excellent article by Gareth Norris, (Senior Lecturer, Department of Psychology, Aberystwyth University), Max Eiza, (Senior Lecturer in Computer Security, Liverpool John Moores University) and Oliver Buckley, (Associate professor in cyber security, University of East Anglia) looking at how “being personal” will deceive even the most wary of us:
Email scams are getting more personal – they even fool cybersecurity experts (theconversation.com)
The iTunes card incident happened to one of our clients, except it was Amazon gift cards in that case.