Attacks begin when users are lured into “visiting suspicious websites or click on phishing links that download malicious software onto their computer.”
Incidentally, we try not to use these sorts of "Forbes contributor" articles on Wikipedia when possible. They're effectively just blogs masquerading under the credibility of Forbes staff's actual journalism.
That said, I don't see anything wrong with this excerpt. This is legitimate attack vector.
After reading various news amd stories about phishing, I no longer think anyone is really "too smart to be phished". Not the matter of "If", but "Under what circumstances".
Yeah, I dunno what the facepalm is supposed to be about. 99% of the rest of the world has about 1% of the tech knowledge that the average Lemmy user is going to have. These scams are wildly effective, and it's not really a matter of general intelligence as far as who falls victim to them.