Phish is a bad band

Phishing emails have gotten vastly better. Since I first started seeing them way back in the mid-90s, they’ve been largely inept — bedeviled with glaring grammatical gaffes, bad fonts and unlikely scenarios.

Those I had to spend no cognitive effort sussing out their provenance.

Modern phishing emails I actually have to spend a few seconds looking at to determine their illegitimacy.

This is apart from the phishing emails I get at work which are of the spear variety — those are almost certainly corporate or state actors and so well done that I just no longer click on any email link found in my work address’s mailbox at all.