What, 82 seconds!

I suppose people are fooled and then quickly enter credentials, or open the site and it's done.

Only the other day i received a document that was perfectly timed to coincide with an update to a service I use. The document used an incoming e-mail address which must have been harvested. It was never given out to anyone apart from the spammers. My system indicated spoofed links, so it never got further. Had its timing been a week earlier or later it would have been ignored entirely.

It takes 82 seconds for cyber-thieves to ensnare the first victim of a phishing campaign, a report suggests.

Compiled by Verizon, the report looks at analyses of almost 80,000 security incidents that hit thousands of companies in 2014.

It found that, in many companies, about 25% of those who received a phishing email were likely to open it.

"Training your employees is a critical element of combating this threat," said Bob Rudis, lead author on the report. Report: 82 Seconds To Ensnare a Phishing Victim [bbc.co.uk]