Have you ever gotten an email from your boss asking you to make an unusual purchase or do a money transfer? Or have you gotten a call from someone pretending to be in the FBI? If you answered yes, you have likely been a target of a phishing scam.
Who do phishing scams target?
Anyone! No matter your age, gender, income level, or background, you can become a victim of a phishing scam. Attackers are constantly watching for your vulnerabilities, waiting for that one chance to steal your personal information. The information can be as basic as your gender, name, and age, or as in-depth as your background, bank information, and social security number.
3 Common Types of Phishing Scams
Although attackers are always looking for new ways to trap their victims, below are 3 common types of phishing scams.
1. Email Phishing
Email phishing is the most common and one of the earliest kinds of phishing techniques. Hackers carefully craft sophisticated emails for you to open without any suspicion. They plant attacks to gain access to your confidential details such as bank accounts, credit card numbers, passwords, social security number, etc.
How to protect yourself against email phishing:
- Keep an eye out for unusual emails requesting you to confirm personal details.
- If you're even a little suspicious, do not click on any links before confirming whether or not the email is genuine.
- Before clicking on links, hover over them and inspect each one first.
- Use antivirus software to scan all attachments before downloading.
- When in doubt, throw it out!
Pictured above: An email I got from an attacker pretending to be our CEO. In this case, the sender's email address made it easy to recognize the spam email. If it wasn't obvious enough that this wasn't our CEO's email address, notice the subtle spelling error in "financial".
2. Vishing (Voice + Phishing)
Attackers usually make calls to their targets using a fake caller ID. They pretend to be your friends, relatives, higher authorities, or organizations. Many times the phisher will also use an automated message. Much like email phishing, their primary goal is to find the most gullible victims to steal their details.
How to protect yourself against vishing:
- Double check the identity of any unknown caller.
- Limit the information you share online - don't use common or repetitive passwords or common answers to security questions. Don't publish your phone number anywhere.
- Don't answer calls from suspicious numbers - if it is an important call, they will leave you a message and you can always call back.
Pictured above: Many cellular carriers now warn you that there’s probably a scammer on the line that will attempt to trick you.
3. Search Engine Phishing
Hackers create fake websites or web pages that look identical to the real website a user may be looking for. Many times the hackers will hack a common website and add their own URL somewhere in there. Once the user clicks on it, they are taken to the hacker's identical website without ever questioning its authenticity.
How to protect yourself against search engine phishing:
- Every time you click on a link, make sure you double check the URL.
- Think before you click!
- Install an anti-phishing toolbar.
- Keep your browser and security patches up-to-date.
- Use antivirus software.
Pictured above: Many times hackers will create a replica of a website where you are most likely to enter confidential information.