As advances increase with the internet, so are people progressing cybercrime tactics on the internet.
Phishing is a cybercrime in which the perpetrators persuade its victims to release sensitive personal data. Financial details, passwords after contacting them via emails, text messages under the false pretext of being a legitimate organization are some examples. The moment information releases it results in identity theft, access to personal accounts, and substantial financial losses.
Common types of phishing
1. Spear Phishing
In spear phishing, the cybercriminals take time to gather information about you and use it in the email to appear legitimate. They go as far as mentioning your name, your phone number and where you work which they usually obtain from social media sites. After which they request for sensitive information, which they use to defraud their victims. Both spear and deceptive phishing, share common features which are the manner they reach out to people and the sense of urgency in their tone of their emails, sometimes they make you believe that if you don’t comply something terrible may happen.
2. Deceptive Phishing
Phishing of this type occurs when the scammer sends an email from a company that you always patronize their services. The scammers act as though they are employees of the company and request for your details in the email they send, placing deadlines on your compliance. The email usually contains fraudulent URL links that will have forms where personal information will be filled in. Protect your yourself from this kind of phishing attack by being more observant, with regards to URL sites before clicking to be sure you are about to visit a legitimate domain.
3. CEO Fraud
Here, the target is usually a top executive in a company, these scammers hack into their emails and send messages to junior employees most times requesting that money transfers to another account. They exploit the organogram of an organization as they know that most low ranking won’t ask questions and readily obey instructions from their superiors.
4. Search Engines, Dropbox and Google Docs Phishing
Some phishing scams involve search engines or favorite sites like Dropbox and Docs, where the users are always uploading and downloading as well as sharing files. They pose as Dropbox or Google Docs and request personal information just as in spear phishing.
Also, these scammers could hoist fake websites presenting low-cost products or offering loans with a low-interest rate. They defraud their victims when as they enter credit card details to patronize them.
Also known as web delivery or ‘man-in-the-middle,’ here, scammers take over a website, lock out the webmasters redirecting the users of the websites to their fraudulent sites. It is considered the scariest type of phishing because if users of these websites are not careful enough, they give their details to the wrong persons. Also, the scammers may hack into the communication link between the users and the websites and pick vital information about the users without them knowing about it, hence the name ‘man in the middle.’
IDENTIFYING PHISHING THREATS
The following features are ‘red flags,’ warning signals you should look out for to protect yourself or your organizations from phishing scams.
Clicking all links shouldn’t be done. Before clicking look at the link. If the link has spelling errors, avoiding it would be wise. These scammers usually use popular websites but deliberately misspell the address which vulnerable individuals will overlook.
Be careful about emails that have too-good-to-be or unbelieving offers. Offers like this are designed to catch attention and lure its victims into fraud. Whenever you see such emails, stay away from them.
Any email that comes from unknown persons should be known as a phishing scam threat. There is no need to open it, delete it!
Once you see emails with attachments that you weren’t expecting, it is best you don’t download the websites. Phishing scams perpetrate in this manner and attachments of this sort could contain malware or viruses that would seriously harm you.
Emails with deadlines:
Never forget that financial institutions will not rush you to provide your financial details via the internet. Institutions usually give lots of time for you to comply. Therefore, disregard any emails, requiring your data with a high sense of urgency, this is a typical style of scammers. Contact your banks or any other institutions and verify appropriately before filing financial detail online.
PHISHING PREVENTION TIPS
In recent times, these scammers are becoming more innovative. Scammers intensify the menace of cybercrime. Against this backdrop, the following are tips to help you stay away from phishing attacks:
Change your browser settings
Adjust your browser’s settings to permit only verified sites to open. As a user, there is a need to explore the browser feature which gives an alert when a fake website is opening. Such warning signs should be adhered to strictly.
Use spam filters
What these filters do is to trace the source of the message, determine the software used to send the message, the appearance of the message and then blocks it. Sometimes the spam filters may even prevent your emails to keep you protected.
Always change passwords or use multiple factor authentications
An excellent way to avoid phishing attacks is to change passwords on a regular basis, avoid using the same password across accounts on the internet. Webmasters should adopt the multiple factor authentication or the CAPTCHA systems to prevent security breaches on their websites.
Cross check every URL
Before clicking, it is essential to take a second look, at the URL. Safe websites will always start with “https”; this is a proof that it has a valid Secure Socket Layer certificate.
Finally, to avoid severe losses of money and credibility, organizations and even individuals should invest in getting the right and updated information for the cyber attacks and cybersecurity. When applying regularly, you and the organization has protection from any form of cyber attack.
Linda Rawson is the CEO, and Founder of DynaGrace Enterprises, (http://DynaGrace.com) which is a Women-Owned, Small Business. She is also the author of The Minority and Women-Owned Small Business Guide to Government Contracts.