Events over my past week brought to light a notion that phishing has a greater likelihood of being more successful against someone who isn't a native speaker of the language the phishing attempt is written in. Late last week, I had a user come to me and ask me why a video wasn't playing. I went to the user's desk while he explained to me that this guy he knows sent him a video that he 'needed to see'. It turned out to be a link from a 'so-and-so made $x in 3 months while not doing any work' type scam. The video pretended to play, but really wanted him to buy into the scam to find out more. The user himself is highly intelligent, but his English skills are a bit sub-par(English is his third language). Unfortunately, he wasn't able to discern the contents of the email for what they were, and considered it to be a business-related message. Looking back, this wasn't the first time I've seen a language barrier run up against spam.
This got me to wondering that if language skills can present a barrier in interpreting spam, what is the case with phishing? Most modern phishing attempts at first look appear to be genuine. Some, but not all, have small wording or grammar differences. Someone who has less-than-average skills with a language should be generally less able to notice the differences that would set off a red flag from a native speaker. In 2009, an article was published analyzing data from a list of thousands of accounts and passwords that were presumably phished. It's been speculated that the phish was targeted towards an Hispanic demographic. I'm challenging the notion such that it might have been the users with less acute English skills that fell for the phish in the first place.
Don't get me wrong - This isn't just for English phishing. On a more personal note, I'm in the process of studying German. I subscribe to a couple German TV stations. If I got a related phish, it would be difficult for me to determine the legitimacy of the message by wording alone. Verifying the original sender and the true destination of links and sources of downloaded images/files is something that I'd look at, but most users would not be aware of or know how to do so.
I welcome comments and an open discussion. If someone has an additional case study, it would be most welcome.