Reviews, comparisons, and opinions about the latest technology products, services, trends and anything of interest to the thick glasses crowd!
Cybersecurity Awareness Tip 8: Just delete it (phish and spam)
Report, block and / or delete phishing and spam communications.
First, what is phishing? According to Phishing.org:
Phishing is a cybercrime in which a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords.
Many Ways to Scam You
But, let's be clear: hackers, phishers scammers and spammers don't care how you receive the message. And they'll use any method they think will work on you:
phone (aka vishing - voice phishing): Please to call IRS immediately to pay your back taxes or we put warrant for out for you are arrested
email (from: William J Clinton <im.hacker@mail.ru>: I'm the president of a mythical African nation and need help getting gold out of the country - would you like some?
SMS / text (aka smishing): Your Amazon package insured for $5000 is on the way, click http://h@ck.me/AcXyj3 for details
instant messages: (via FB Messenger or Whatsapp, from Sally's real-life friend Krysten, who lives in Peoria and never travels): Hi, Sally. It's your friend Krysten, and I'm stuck in a mythical country. Can you send money via Western Union so I can get home?
Social media (social phishing) - on Facebook, with a picture of a starving puppy: Your gift of $50 can help save puppies from cruel humans! Click to donate: http://weh8u.too)
Regular mail: (formal letter that looks like it's from your insurance company) Dear Mr. Gullible, Your policy # 654321 has been cancelled due to non-payment. Please call 800-SCAMYOU to make payment and reinstate.
Spear phishing is an especially nefarious approach that targets a specific individual or group of individuals. According to cybersecurity tool provider Crowdstrike, "One adversary group, known as Helix Kitten, researches individuals in specific industries to learn about their interests and then structures spear phishing messages to appeal to those individuals. Victims may be targeted in an effort to reach a more valuable target; for example, a mid-level financial specialist may be targeted because her contact list contains email addresses for financial executives with greater access to sensitive information. Those higher-level executives may be targeted in the next phase of the attack." Another group used AI to mimic a CEO’s voice.
A Foolish Clicker and His Money Are Soon Parted
Don't fall for it. Just delete it. And, if possible, report and block the sender.
Related
