Understanding Phishing: Think Like A Scammer!
A lot of us love to fish – it’s entertaining, peaceful, relaxing and nothing beats the thrill you feel when you catch a big fish. Phishing is not much different from fishing in this sense. The same way the fishes are attracted to the bait, with just one email a criminal can lure a number of people into a trap and they enjoy it just as much as you enjoy fishing.
There are many different phishing techniques used today to trick people through social media. Learning what phishing is and understanding these techniques can help you to void it.
As stated by the United States Computer Emergency Readiness Team (US-CERT):
“Phishing is an attempt by an individual or group to solicit personal information from unsuspecting users by employing social engineering techniques…” To put it simpler phishing is a game of trickery designed to force you into volunteering your information online, from your bank account number to your employee ID.
Phishing does not always involve identity theft. For example a lot of phishing emails today are meant to trick people into purchasing products online but I’ll explain this more a bit later on. In the case of identity theft, traditional methods generally include sending links of fake websites prompting the receiver to enter their information.
These links are usually manipulated to appear real but will take you to a fake website. Once you insert your information on the website the scammer will have access to your account. Some phishers will even try to exploit you further by tricking you into giving up your home address, credit card number and social security number.
The email will seem like its coming from a legit company, for instance a bank claiming that there is a problem with your account that needs to be rectified urgently. Phishing emails often also claim to be offering lower interest rates on your credit cards.
Visit the Microsoft Safety and Security Center for an example of what a phishing email may look like.
It’s also best to avoid clicking on suspicious links. It’s always safer to visit the company’s website directly from a new tab. Most financial entities today will not send links directly to your email because they are aware of the increase in phishing attacks. Internet Security Suite offers protection against virus and spyware, thus it will help you to combat phishing. This works by monitoring your web browser so that you will know if a website is fake.
Criminals are enjoying mobile phishing just as much as email phishing today. Thousands of individuals lose money annually from telephone fraud – from a few pennies to their entire life savings. Phishers are experienced and know exactly what to say to get you to give up your money. They may seem very friendly and professional – addressing you by your name and making it seem like they are only interested in providing you with the best service.
They may call you or distribute ads for you to contact them directly claiming to be a legit company. One of the most common phishing calls today is from scammers claiming to be a part of the Federal Credit Union Administration. They usually ask you to verify your identity after noticing ‘suspicious activities’ on your account – SCAM. Once they get ahold of your information they will be able to make purchases online hence you should always be skeptical of these calls.
Social Media Phishing
The more popular social media has become the easier it is for phishers to catch “fishes.” People are less likely to be skeptical of links posted on social networks since sharing is the norm and phishers are taking advantage of this – that’s the scary part. The good thing is that scams carried out by phishers over social media are generally less extreme.
Most phishing on social media is meant to gather email addresses or refer users to affiliate links. Usually, the posts contain content to attract a large number of people. For instance it may have news about the death of a famous celebrity.
Of course there are a few cases in which phishing attacks on social media can be very costly. For instances phishers may create bank profiles and lure you to fake websites where you will be asked to enter personal information. You can approach social media phishing in the same manner as email phishing – use security software to avoid visiting harmful links.
The Bottom Line
Phishing is not going to die down anytime soon – technology has become a necessity in our lives. People who become victims of phishing are not necessarily unwise but rather they are uninformed. Once you have learnt about phishing and how to protect your computer you are less likely to be tricked. Be skeptical and use security tools when possible.