The Rising Threat of Phishing
Phishing is a form of cyberattack that uses carefully disguised and seemingly friendly methods to trick users into handing over their personal information. Phishers trick their targets into believing that they are trustworthy and are offering something helpful to those they are preying on. Phishing schemes often disguise themselves as a trusted company or person to help convince the target to hand their information over.
What is Phishing?
“Phish” is pronounced just like it’s spelled, borrowing most of its name from “fishing,” as the online attackers hope their targets will take the bait. Phishing is one of the oldest kinds of cyberattacks and remains one of the most widespread and effective. Phishing attacks are evolving and becoming more sophisticated daily. Nearly a third of all online security breaches involve people being conned into giving out their private information.
There are several different types of phishing, but all of them involve disguise and deception. Most often, attackers “spoof” email addresses and send fake messages that appear real and legitimate. Check out this blog post to see some examples of common phishing emails. Sometimes these messages are sent out to millions of people at a time, with the intent that even if only a few people fall for the ruse. The online attackers will still get enough sensitive information to make a profit. Other times, phishers attack specific people that they believe are more vulnerable or worth exploiting. This is referred to as “spear phishing” or “whaling.”
Crisis Exploitation: A Phisher’s Paradise
It is important to note that phishers love to use crises to help prey on targets by exploiting their sense of urgency. During a crisis, people are on edge, waiting on what to do from officials and others in positions of power. For this reason, people may act impulsively and take bait disguised as help without really thinking their actions through. During the pandemic, many phishers disguised themselves as public health authorities and successfully tricked members of the public into their traps.
Subtle Phishing Tactics: Social Media Traps
Phishing schemes can be more subtle, with the attackers taking a much gentler approach to acquiring your information. Ever seen a public post on Facebook that reads something like “If you had one day left on Earth, what would your last meal be?” or “Your favourite TV show growing up was _____?” These are phishing schemes aimed at learning more about you. The goal of these is to secure the answers needed to pass security questions and log into your email or online banking accounts.
Protecting Against Phishing: Expert Tips
There are a handful of tips experts agree the public can take to protect themselves against phishing:
- Inspect URLs: Before clicking on any email link, scrutinize the URL carefully. Look for unusual spelling and special characters like ò
- Beware of URL Redirects: Look for unusual domain names that have replaced standard ones like .com and .org.
- Verify Suspicious Messages: If you receive a questionable email or message, verify its authenticity by contacting the sender through a separate channel. For example, if you receive a strange message from a friend on Facebook, text them to ask if it was them who sent it
- Limit Personal Information Online: Minimize the amount of personal information you share online. This includes details such as your birth date, favourite things, vacation plans, pet names, and anything else that could help online attackers pretend to be you.
Stay Cyber Safe
Phishing is a pervasive and evolving threat in today’s digital landscape. With awareness, vigilance, and the right protective measures, you can significantly reduce your chances of falling victim to cyber predators. Stay safe and protect your personal data from falling into the wrong hands.