Phishing, as you obviously do not understand, is a socially engineered attack, making the OS involved usually irrelevant. Its a tactic of breaking security at the end user point making the interface a non issue when it works.
Secondly, the article seems to be doing a dance around the point that the MS research is asserting. The MS article is making a point something akin to pointing out that investing your time and money into purchasing lottery tickets is not a very good way to go about earning a living, and similarly phishing is an all to similar effort. And that is correct.
The lottery analogy has some good comparisons to look at. Many top lotteries today have an almost limitless number of tickets that can be sold and conversely there are only a limited number of winning numbers that will be drawn and hence; the more tickets sold, the less potential there is to win. Likewise with email phishing.
Sure, as with lotteries phishing will have its winners, they do exist no doubt. On the other hand, what the MS research appears to be indicating is that the phishers are generally living in dreamland like many lottery players are, particularly those lottery players who put a disproportionate amount of money and time into trying to win.
So let go of the Microsoft/damage control theory. It does not apply and it seems to me that the research is largely correct.
The best of ZDNet, delivered
ZDNet Newsletters
Get the best of ZDNet delivered straight to your inbox
