08-05-2025
Let's go PHISHING! What lures work in the upper Midwest?
LA CROSSE, Wis. (WLAX/WEUX) – Who doesn't love to fish? Getting outdoors, casting a line to see if you can catch lunch or dinner, and enjoying everything the Upper Midwest is all about.
Wait… what did that headline say?
Oh! PHISHING! That is something completely different, isn't it?
Let me explain. Phishing is the fraudulent practice of sending emails or other messages purporting to be from reputable companies to induce individuals to reveal personal information, such as passwords and credit card numbers… and it's a BIG problem across the globe.
According to Hoxhunt's Phishing Trends Report, since 2021, there has been a 49% increase in phishing attacks. Of those, 65% are focused on organizations and 35% on individuals. Furthermore, between 80 and 95% of all cyber attacks begin with a phish and the average cost of a phishing breach is $4.88 million. Even worse, since ChatGPT launched in 2022, there has been a 4,151% increase in phishing attacks.
Wisconsin, Minnesota, Iowa (and 21 other states) all fall victim to the 'Package delay/shipping issue' lure. If you have received a text message or email from 'USPS' saying 'Your shipment is waiting at our warehouse after two unsuccessful delivery attempts due to an incomplete address…' then you know exactly what kind of lure gets the most action in our area of the country.
That got me wondering what are the most effective lures for phishing attacks in the upper Midwest. That is where my friends at Fullstack Academy helped me out. They just released a study of the Most Popular Lures in the US by State. They have broken down the numbers for all 50 states using a survey of almost 2500 Americans. They asked questions like how often, what type of phishing lures they most frequently receive, which companies are impersonated the most in these phishing lures, if they've fallen victim to a phishing lure, and more.
Have you ever received that text or email? Did you stop and think, 'How does the USPS have my phone number/email address?' They don't. That is someone or something trying to gain your information. And, it's important to note, you are clearly not alone.
Part of what works about scams like this is that people feel ashamed for falling for them, so they go unreported. These scams play on our inattention to detail, our natural curiosity, and finally the shame of feeling duped.
You can find Cybersecurity Bootcamp courses on Fullstack Academy and other places on the web. However, it's important to stay as vigilant as you can. Pay attention to what is being sent to you and, most importantly, slow down. Take your time when opening messages and emails to think about their legitimacy. Think through things and ask yourself if they make sense. When in doubt, ask questions. Reach out to the entities that you think are sending the message and ask if they are trying to get a message to you. Most importantly, be gracious with yourself and, as always, be kind. Especially to yourself.
Copyright 2025 Nexstar Media, Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.
