Internet Scams

heroImage

What is Phishing

*Ding* *Ding* * opens email* “Types personal information” *Crying* ($100,000 missing from bank account) This is an example from a victim of phishing scams. Phishing scams have many different ways of attacking people, this is only one example of what can happen. What exactly is a phishing scam? Phishing is a type of online scam where criminals can impersonate legitimate organizations via email, text message, advertisement or other means in order to steal sensitive information. Normally this is done by including a link that will appear to go to the company’s website to fill in personal information however the website is a fake and the information that the person provided goes straight to the people behind the scam.This scam gets its name because the term “phishing” is a spin on the word fishing. This is because criminals are dangling a fake “lure” (the legitimate-looking email, website or ad) hoping users will “bite” by providing the information the criminals have requested, such as credit card numbers, account numbers, passwords, usernames or other valuable information.

imagee1
imagee1

Examples of Phishing.

To not become a victim of phishing, it is good to know what are some things to look out for. A phishing emails goal is to steal confidential information from users and organizations. Victims of phishing emails typically trust the source of the information request and believe that party is acting with the best intentions so they respond without thinking twice about it. 19 Examples of Common Phishing Emails says, “In a phishing email, cybercriminals will typically ask for your: Date of birth , Social security numbers , Phone numbers , Credit card details , Home address , Password information (or what they need to reset your password) , This information is used by cybercriminals to impersonate the victim and apply for credit cards or loans, open bank accounts, and other fraudulent activity. Some cybercriminals use the information collected by a phishing email to start a more targeted cyber attack, such as a spear phishing or business email compromise incident, that relies on knowing more about the victim. Over the years phishing has evolved into highly-specialized tactics. Standard email phishing is common however there are many other types of phishing, Email Phishing, Vishing, & Other Types of Attacks explains more ways someone can become a victim to phishing. Malware Phishing uses the same techniques as email phishing, this attack encourages targets to click a link or download an attachment so malware can be installed on the device. Spear Phishing is where most phishing attacks cast a wide net, spear phishing is a highly-targeted, well-researched attack generally focused at business executives, public personas and other lucrative targets. Search Engine Phishing is the type of attack where cyber criminals set up fraudulent websites designed to collect personal information and direct payments. These sites can show up in organic search results or as paid advertisements for popular search terms. Vishing also known as voice phishing, involves a malicious caller purporting to be from tech support, a government agency or other organization and trying to extract personal information, such as banking or credit card information. Clone Phishing is the type of attack where a shady actor compromises a person’s email account, makes changes to an existing email by swapping a legitimate link, attachment or other element with a malicious one, and sends it to the person’s contacts to spread the infection. This is still only a few examples, there are many ways someone can be scammed.

How to avoid phishing.

Phishing attacks can be quite clever, they have been around for many years and always improve as technology gets better. Two actions people can use to help keep them from getting scammed is to not click and use their own link. If a product or service from a company is apparently sending them a message, they shouldn't click. Instead, they should navigate to the website via a browser bookmark or search engine. If the email is legitimate, they will see the same information when they log into their account on the legitimate site. They can also use a browser filtering extension. There are browser extensions that grade search engine results based on known characteristics or behaviors which could prevent them from navigating to malicious sites. 10 ways to Avoid Phishing Scams gives some tips to avoid phishing. They suggest keeping informed about phishing techniques. New phishing scams are being developed all the time and without staying on top of these new phishing techniques, people can inadvertently fall prey to one. If they keep their eyes peeled for news about new phishing scams it can help reduce getting scammed. They should also think before they click. It is okay to click on links when on trusted sites. However, clicking on links that appear in random emails and instant messages, isn’t a smart move. They should hover over links that they are unsure of before clicking on them. They should ask themselves,”Do they lead where they are supposed to lead?” People should be checking their online accounts regularly.

If they don’t visit an online account for a while, someone could be on it doing whatever they feel like with it. Even if they don’t technically need to, they should check in with each of their online accounts on a regular basis. Getting into the habit of changing their passwords regularly is something that could benefit them. To prevent bank phishing and credit card phishing scams, they should personally check their statements regularly. One of the most important things Phishing.org suggests is to never give out personal information especially over the internet. They never should send an email with sensitive information to anyone. Most of the phishing emails will direct them to pages where entries for financial or personal information are required which causes a big headache for those who become victim to phishing scams.
If they find that they have become the victim of a phishing scam, they should change all of their passwords immediately. Since most people use the same password for multiple sites, cybercriminals could be in the process of gaining access to their other accounts on commonly used sites. Sadly phishing and other scams will always continue because they are so successful for cybercriminals and will continue to make them a massive profit. However, now having information on what to look out for it should help avoid becoming a victim of phishing scams.