Phishing is an attempt to obtain private information such as usernames, passwords, and credit card information from innocent victims online. Solely for malicious reasons by disguising as a trustworthy entity in an electronic communication.
The daily increase in usage of the internet coincides with the rise in phishing. Over 58% of organizations have seen a significant increase in phishing attacks over the last year. Despite that increase, most companies don’t feel prepared to protect themselves against phishing scams.
Deceptive phishing refers to an attack by which fraudsters impersonate a legitimate company and attempt to steal people’s personal information for login credentials. The emails they send frequently use threats and a sense of urgency to scare users into doing what the attacker is requesting.
For example, PayPal scammers might send out a message that instructs you to click on a link to rectify a discrepancy with your account. The reality is the link leads to a fake PayPal login that collects your login information and sends to scammers.
Spear phishing is a more personal attack on the victim. These fraudsters customize the attacks with the target’s name, position, company, work phone number, and any other information in an attempt to trick you into believing that they have a connection to the email sender.
The goal is to lure the victim into clicking on a fraudulent URL or email attachment so that they will hand over their data. This type of phishing is most typical of social media sites such as LinkedIn, where attackers have the use of multiple sources of information to create a targeted attack email.
This type of attack targets top executives in organizations. This is known as a “whaling attack,” where the fraudsters attempt to harpoon an executive and steal their login credentials.
If they are successful in their attack and gain the login credentials, the next step is to impersonate the executive and abuse the individual’s email to authorize fraudulent wire transfers to a financial institution of the fraudsters choice.
Users are becoming savvy to traditional phishing scams; some scammers are abandoning the idea of “baiting” their victims entirely. They are now resorting to “pharming,” which is an attack that stems from a domain name system (DNS) cache poisoning.
Under a DNS cache poisoning attack, this type of phisher targets a DNS server and change the IP address associated with an alphabetical site address This means that an attacker can redirect users to a fraudulent website of their choice even if the victims entered I the correct website name.
This type of phishing can take place without the victim realizing what has taken place. Keep in mind there is no type of baiting involved in pharming phishing.
Dropbox is utilized by millions of people daily to backup, access, and share their files. Scammers are targeting this platform with phishing emails to unaware users.
A typical example is for the fraudster to entice users into entering their login credentials on a fake, cloned Dropbox sign-in page hosted on Dropbox itself, thereby gaining access to all files in that particular user’s Dropbox account.
In this type of phishing, fraudsters target Google drive in a similar way they prey upon Dropbox users. Google Drive supports documents, spreadsheets, presentations, even entire websites. Phishers can abuse this service to create a web page that mimics the Google account log-in and harvests user credentials.
These phishing fraudsters are very good at what they do, and spotting the signs of phishing is not an easy task. Listed below are some simple pointers that can assist you in recognizing a phishing scam.
Official messages from an organization are unlikely to have bad spelling or grammar. Poorly written notes should be an immediate red flag that the message is not authentic.
Phishing emails are commonly used to coerce the victim into clicking through a link to a malicious or fake website designed for obtaining personal data. Take a second look and examine links more carefully before you click away.
It may be slightly altered and something that you wouldn’t notice. Shortened or odd-looking URLs have most likely been changed by the fraudster in the hopes that you won’t see. Be suspicious of a strange or mismatched sender address.
The message may look legitimate with correct grammar and the right company logo, but what about the sender address? Phishers can’t fake a real address and rely on the fact that most users don’t even notice that the sender address is not valid.
You just got free tickets, money, etc. If all you’re required to “click here” and you will receive gifts, you are most likely on your way to being the victim of a phishing attack. Remember, if it’s too good to be true, it’s too good to be true!
This is the best way for companies to avoid being victims of phishing. Teaching staff what to look for can go a long way to prevent costly phishing schemes – disabling macros from being run on computers in the network and also play a big part in protecting employees from attacks.
Macros are designed to help users perform repetitive tasks with keyboard shortcuts, but they can work against you as well. Most newer versions of Office automatically disable macros.
Using the information above about the different types of phishing scams and how to protect yourself and your organization can assist in making you more alert and aware to prevent becoming a victim of these malicious fraudsters.
Utilize Social Catfish if you’re suspicious that you may be dealing with a phishing scam. Social Catfish is the expert in this field and will be very helpful in getting you the information you need to identify a phishing fraudster!
Spear phishing is an attempt to steal sensitive info such as credit card, financial, and banking info from a victim for malicious reasons. The main difference between regular phish… Read More
A cyber attack is an offensive maneuver that targets computer information, infrastructures, computer networks, or a personal computer device. A cyber attack can be an individual, a… Read More
You receive an email from PayPal that you’ve been paid. Without thinking twice, you ship merchandise to your new customer, thankful for their business. The only problem is, they … Read More
It would be nice if bad credit could be repaired with the wave of a magic wand or making a few of your payments on time. However, as a Federal Trade Commission’s Consumer Informa… Read More
Is your significant other cheating on you? Did your child secretly make a Tinder account? No matter what your dating situation or dilemma, read this a ...
Read More >>Have you ever wondered how to find out if someone has a dating profile, like your boyfriend, girlfriend or spouse? This situation comes up more oft ...
Read More >>Dating online is most people's go-to way to discover their prince charming or princess of their dreams. However, scammers know just how badly people w ...
Read More >>What is Catfishing on Ashley Madison? Ashley Madison is the best of what modern relationships have to offer the cheaters of the world. Their tag li ...
Read More >>Are you looking for hidden online profiles? While it would be helpful if social network profiles were always easy to find, that often isn’t the case ...
Read More >>You've been talking to someone online, and you start getting suspicions and you're getting some signs that you might be catfished. The person t ...
Read More >>0 Comments
Social Catfish is an online dating investigation service based in California, USA. We verify information to confirm if the person that you've met online is really who they say they are.
We do in depth checks using our own proprietary online tools to verify things like images, social profiles, phone numbers, emails, jobs and a lot more to make sure that you have the most information about the person that you've met online. We are the only company doing verification of public information such as jobs, phone numbers criminal checks as well as social profiles and images.
If you want to be aware of the latest news and catfish stories, subscribe to our newsletter!
