Phishing is an attack on user data that is online, including login credentials, credit card numbers, emails, passwords. These attacks usually happen when victims are duped into opening an email or a text that looks very similar to the creditable ones they receive. These scams usually mimic online resources like reputable banks, credit card companies, phone bill payments, anything!
How do these scams find you?
Phishers communicate through text messages, email, any electronic communication channels that victims are susceptible to. Catfishing is a common denominator with these scams. They were impersonating well-known social media businesses or people. Scammers often take form and look like traditional banks, auction sites, government, and nonprofit organizations. When a victim receives an email, these emails contain a link that usually is infected by malware.
Often, these emails will make it seem like they have sensitive information. A common scam is pretending to be the Internal Revenue Service (IRS), where there is information that can be sensitive and private to most people.
Obviously phishing is widespread, and that is because these scammers have gotten incredibly good at tricking people. These texts or emails they send are intelligently crafted to resemble legitimate emails that victims receive and, therefore, open.
Types of Phishing
Spear Phishing (no not fishing you’re thinking of)
- This scam is usually direct to a specific company or individuals. Scammers often garner personal information about their subjects through social media and other outlets.
- Victims personal history
- Interests, hobbies, daily activities
- Family members names, peers, friends, colleagues
- Job titles, email address, Job location
- While carefully researching their victims, phishers are capable to craft messages that are deceiving and look real.
Whaling is a type of phishing scam that is directed to celebrities, political figures, senior executives, high profile targets within a business, and more. No one is safe from these scams. All these phishing scams have one universal goal, and that is to get personal or corporate information that can be used negatively. Just like spear-phishing, whaling emails are careful research and highly personalized. The contexts of the emails often include the name of the individuals, job titles, and any other information that is relevant could be included.
Clone phishing is when a legitimated and previously delivered email or text message contains links or attachments. The email contents are manipulated to look virtually identical to the previous email. The link or attachment is replaced with a conveying version and a spoofed email address, so it appears to come from the original sender.
How to protect yourself?
These scammers have revised they're crafted and have become so precise. With that being said, how do businesses, individuals, and organizations protect themselves from this sort of harm?
Security Awareness Training
The two most effective forms of phishing are whaling and spear-phishing, and that is because they look as if they are legitimate while deriving from sources that seem to be trusted to the organization or individuals. With that being said, it is beyond important for individuals and businesses to educated themselves on the dangers of phishing. No matter if you are an A-list celebrity or a receptionist at a business, you need to learn how to spot the different forms of phishing and respond accordingly.
Investing in a security awareness program to aid employees about corporate policies and routine for working with information technology. Having policy’s that are in layman’s terms and easy to understand is essential so employees can fully grasp the importance.
Several things to note
- Review domain links
- Yes emails get spoofed, but so do domains. Having a business look into security services that filter through domain links and prevent phishers.
- Choose a unique email address and create a strong password.
- It is easy to just use the same password for every account you have, but that only makes users more susceptible to being scammed. A mixture of numbers, lower case/upper case, and symbols will ensure a complex password. Try to avoid birthdays and your last name in your passwords.
- Do not save your password onto your desktop or laptop top. If you are having trouble remembering what your passwords are like, most people write them down on a tangible notebook.
- Monitor your personal information
- You can use reputable people search websites like GladiKnow.com. Websites like this can pull together all your information from websites using social media, government records, financial information, employment history, and personal information.
- GladiKnow.com can help users identify which websites are exposing private information. This information would be exactly what phishers are looking for when they are baiting their victims in emails or text messages.
Don't forget to share this post