The more common technology becomes, the more people there are trying to figure out ways to exploit it or use it to their advantage. Phishing attacks are as old as the Internet (arguably older if you lump them in with scams in general), but they continue to get harder to spot as hackers gain access to better and better tools.
Mass phishing attacks are the most common, and they usually rely on infected file attachments to deliver malware to your computer or mobile device. That malware can reveal sensitive information to hackers, such as passwords or insider business information.
A more sophisticated hacker will go after a specific person or group of people in what is known as spear-phishing. Targeting the person who has access to the information you want takes a lot more time, but hackers often find the payoff is greater. Even more sophisticated than spear-phishing is whaling, in which hackers target the head-honcho- a CEO or other C-suite professional who would have access to the most classified information.
These attacks come in numerous forms- it’s not all about the email anymore. Oftentimes hackers will use phone spoofing or persuasive techniques to gain access to your personal information over the phone. Text messaging is also being used these days to gain access to accounts associated with your smartphone.
There are a lot of ways to protect yourself from phishing attacks. If you get an unsolicited text message from an unknown number, there’s a good possibility it’s a scam. Do not click on any links. Chances are they will already have some of your personal information on which to base their attack- hackers can be very clever about getting personal information from social media and other sources. If you get a phone call from someone demanding money, it’s important to remember that the IRS and your bank will never ask you for personal information or money over the phone.
Always be suspicious of any communication that seems to come out of the blue, especially when it is asking for your protected information. Never click on links or attachments in communications from unknown senders. If you are unsure whether a message is actually from your boss or someone pretending to be your boss, call your boss directly to confirm. Report any suspicious activity to your IT department or to the FBI.
Learn more about protecting yourself from phishing attacks from this infographic!
How To Protect Yourself From Phishing Attacks
Infographic source: Digital Guardian