Phishing is when a fraudster attempts to steal sensitive personal information by disguising themselves as a trustworthy source in a communication. Cyber scammers are continuing to get better at phishing for valuable data, stealing usernames, passwords, social security numbers, and more. In 2018, phishing efforts increased by 41%. Here’s what you need to know about this form of cyber-attack:
Email Phishing “Fake Outs”
Scammers will do everything in their power to make a phishing email look legitimate. To spot a phish, look out for subject lines and verbiage that have a sense of urgency. They want to trick you into believing that you must act immediately. For example, a phish may mimic an overdue bill with a link to make a payment. Beware, that link will likely lead you to a fake website where they can steal your information. Another tell-tale sign of a phishing email is obvious spelling and grammatical errors.
Spear Phishing Gets Personal
Spear phishing is a scheme where scammers use your personal information to attack. Hackers will go through great lengths to get ahold of your contacts, browser history, social media accounts, and more. After they’ve done a deep dive into your personal life, they will send an email that appears to be from someone you know and trust. If you receive a suspicious email from someone you know, pick up the phone and call that person to confirm they did indeed send the email in question.
Vishing Attacks: Say what?
Phishing efforts aren’t limited to email alone. Phone calls or “vishing” is a scam that involves fooling the call recipient into believing the caller is legitimate. Bad actors can use Voice over Internet Protocol (VoIP) to mimic their authenticity and request sensitive data. Hackers will pretend to be from the IRS or other authorities to steal sensitive data with a phone call. Never give personal or confidential information over the phone. When in doubt, hang up.
Yet another form of phishing, is "smishing", which happens when fraudsters send malicious text messages hoping to fool the recipient into responding. Text messages claiming you’ve won a prize will almost always have links to a fake website that will steal your data and funds. To stop smishing in its tracks, ignore suspicious texts.
Protect yourself from scammers by being cautious of emails, phone calls, and text messages.