0

How do I phish thee? Let me count the ways!

Traditional phishing is what we refer to as the “spray and pray” phishing attack because it’s usually a mass email that goes to thousands of individuals in hopes that a few will fall for the scam.

Spear phishing targets specific individuals instead of a huge group and often research their victims on social media to customize their email. This is often the first step to get past a company’s defenses and then carry out targeted attacks on the company employees.

Whaling is when attackers go after the “big fish” like a CEO or CFO. These attackers spend considerable time profiling these big fish to find a way of stealing their login credentials. Whaling is particularly scary because high-level executives have access to large amounts of company information.

Smishing is a version of phishing where hackers attempt to steal your personal information using your mobile device. They’ll send you a text message and pose as a trusted source, like your bank, and ask you to click on a link which would then take you to a compromised website.

And Vishing, another form of smishing, where hackers attempt to steal sensitive information directly from you over the phone, like a credit card number or social security number by again posing as a trusted source.

And finally Pharming, internet users trying to go to one website are redirected to a bogus website that appears to be legitimate and you don’t even have to click a malicious link to be taken there! Hackers can infect either the user’s computer or the actual website so it redirects the user to the fake site, even if the correct address is typed in.

We all know we need to be alert when looking through our email; who they come from (someone you know?), what they want (click here!), and what they offer (links and documents and promises).

But be aware that they are also searching for you and your information in other ways too; like texting you, or calling you, or tricking you to fake websites. So, stay alert and be on the lookout for hackers who are using these other types of phishing scams and don’t take the bait!

Leave a Reply