Phishing may bring up fond memories of quiet time on the lake with your grandfather or dancing in fields to a jam band somewhere in Vermont. Sadly, there’s a dark side to phishing in this day and age. Hackers use phishing to gain access to your private information and use it for their benefit. When it comes to phishing schemes on the net OSTechnical is here to keep you from getting sucked in by hackers’ hook, line, and sinker.
Phishing schemes come in all shapes and sizes. Trust, content, and emotion are the unholy trinity that phishers use to take advantage of your good intentions. Common scams like email phishing or fake social media profiles may be familiar to you. But today we’re going to help you protect your information from the continuous evolution of cyberattacks. These are some of the most common phishing schemes used today and how to avoid them.
- The Standard: Email Phishing
Email phishing is a common phishing attack whereby hackers use deception tactics that compromise your privacy and can compromise personal or organizational security at work. Phishing emails oftentimes appear to be harmless and from a legitimate source, but that is how they get you. Some common scams may come disguised as communications from a bank, government agencies, or other reputable groups.
Three of the most used email phishing tactics are:
Deceptive Content: There’s usually a sense of urgency or fear embedded within phish-y emails. The goal is to incite immediate action before you second-guess the content.
Spoofed Sender Information: Cyber attackers may fake the “from” address to increase the likelihood of you engaging with an email.
Spear Phishing: A targeted attack. Phishers customize their message to the specific recipient. They may use information from social media or other sources to pique your interest.
- Don’t Pick Up: Vishing (Voice Phishing)
Phone calls are another tool by attackers to impersonate government bodies or reputable organizations to gain access to your information. Callers may try to access your bank account, social security number, and passwords. Be extra vigilant because nowadays vishers can manipulate your caller ID to appear more trustworthy. Remember that companies will not contact you for logins or passwords. Listen to your gut and don’t pick up for strangers.
- It’s OK to Ghost Hackers: SMS Phishing
Text messages are another method phishers use to access your information. Be wary of unfamiliar phone numbers or texts that contain links or prompts. When clicked you can be led to malicious websites or malware may be uploaded onto your device. Common scams that are used include fake giveaways, “urgent” messages from your bank asking you to unlock an account, or a false invoice for an online purchase. Like all phishing schemes, the best reply is no reply. Block the sender and delete messages immediately.
- Be Website Wary: Pharming
Attackers manipulate the Domain Name System (DNS) to redirect users from legitimate websites to malicious sites. These scams often occur on websites associated with financial institutions. Pharmers use these sites to install malware onto your computer to access logins, passwords, and account information. Do not give any personal information out on these sites or you will risk your privacy and your financial stability. Make sure you are represented by a reputable internet service provider. They will typically block any DNS poisoning attempts and save you time and money in the long run.
- Keep Your Business to Yourself: Business Email Compromise
Phishers target employees, this is especially prevalent in HR and financial fields. They may pose as employers or colleagues to gain access to sensitive information or initiate monetary transactions. Hackers will create emails that look very similar to those belonging to your institution. They will try to trick employees into making wire transactions while masquerading as a trustworthy individual. A great tip to avoid Business Email Compromise is to set up color coding for your email account. This means every email in your organization will be flagged by blue for instance and outsiders will show up as another color.
The best way to avoid falling for phishing schemes is to remain vigilant. When something smells phishy make sure to triple-check its source (i.e. the address it was sent from). If an offer sounds too good to be true, it probably is. Remember that reputable institutions will not reach out for your login or password, they won’t redirect you to another site out of the blue, and when in doubt, call customer service directly to confirm that they’ve gotten in touch with you.
At OSTechnical we provide business owners with experts in the Informational Technology field that are well versed in the different methods hackers use to gain your private information. They will train your team on what to be aware of and will act as a line of defense against unwelcome phishing schemes.
