Let's go Phishing

Phishing is a cybercrime in which scammers send a malicious email or message to an individual or an entire organization by impersonating a trusted source. These emails are crafted to be opened without raising suspicion. Phishing emails may contain malware or request access to personal information such as passwords, bank accounts, or social security numbers. Once the information is obtained, the phishers sell the information they stole from you, or some phishers are looking to put viruses on your phone or computer. If a virus is put on your phone, the phishers gain control over the device and can send emails and messages to others connected with you. Below you will find five common phishing scams.

1. Vishing – Voice phishing or vishing refers to phishing conducted over the phone. Scammers use an internet telephone service to call and manipulate you to give out your personal information. With a vishing call, the most common scam you’ll hear is that your account has been compromised. The phishers want you to panic and enter your account information immediately to avoid losing money. These automated phone calls will also leave voicemails so you’ll call them back. If you receive an automated call, think twice before you respond. If you want to be certain the call is real, contact the institution at a verified phone number.
2. SmSishing – SMS phishing is one of the easiest types of phishing attacks for scammers. The user is targeted through text or social media messages. Scammers send victims a message through text or social media asking for personal information or sending them to a fake landing page to fill out a form. Even though the phone number or page looks real, do not enter any personal information, and contact the institution a verified phone number to confirm any suspicious links.
3. Search Engine Phishing – Search engine phishing refers to scammers creating a fake webpage and enticing users to click for special offers. Once the user clicks on the offers or ads, they will be taken to a fake page where they are asked to enter their information to claim the offer.
4. Spear Phishing – Spear phishing targets specific users and sends them dangerous emails. The email appears to be trustworthy, but it can lead a victim to a dangerous website that is full of malware. Scammers will try to obtain your information and then sell it for profit.
5. Whaling – Whaling involves the same tactics as spear phishing but the target is more specific. Whaling targets powerful individuals like CEOs or CFOs. Because of their status within a company, if they fall victim to a phishing attack they are considered a whale. Most often, whales are targeted at banking, tech companies, and healthcare organizations.

When you receive a message through text, social media, or email, always check the sender’s address or credentials carefully. If you are not sure about the characters or the email address, do not open the email or click any links. Phishing attacks can only succeed if a targeted victim clicks the given link. Trust your gut – if it doesn’t feel right it probably isn’t.

« Return to "American 1 Blog"