When you think of phishing, you most likely think about
email phishing, as 91 percent of phishing attacks start with this method of communication.
However, phishing attacks are evolving every day, becoming more sophisticated
in both type and frequency. In this article we will outline some of the ways
phishing has evolved from emails.
Social Media Phishing
More than two-thirds of adults use social media these days,
and that number is even higher among young adults. Cyber-criminals are taking
advantage of popular social platforms in hopes of hacking accounts or tricking
people into giving them personal information. One way they do this is by
creating fake accounts. These accounts can mimic people you're close with or
businesses that offer promotions. Cyber-criminals will then post malicious
links and steal login information.
SMiShing
SMiShing is a form of phishing where cyber-criminals send
text or SMS messages to another individual requesting their personal
information. These texts often contain malicious links. If you receive a text
from an unknown number that contains a link or is requesting personal
information, think twice, and research the business or phone number.
Vishing
Another
way cyber-criminals attempt to steal personal information using your phone
number is vishing. Vishing is the fraudulent practice of extracting sensitive
information over the phone. Vishers often impersonate your bank by calling and
leaving fake voicemails, or even emailing you an imposter phone number to call
to provide your banking details. Always remember to double research the phone
number provided to you. If something seems phishy, call your bank directly and
ask if the request is legitimate.
USB Baiting
External storage devices, like USB flash drives, can be used
to inject malicious code into your network, redirect you to phishing websites,
or give a hacker access to your network. If you find an external storage
device, never plug it in toy our computer. Turn it in to your IT administrator.
While social phishing, vishing, SMiShing, and USB baiting are some very tricky
forms of phishing, you should always be on alert for any type of phishy
situation. Always think twice before clicking a link or providing any sensitive
information to anyone over the phone or digitally. It's always better to be
safe than sorry!
Contact BIT if you are interested in learning more about our security awareness program. We are always willing to set up an in person training for your agency or business.
Providing RESOURCES. Creating COMMUNICATION. Sharing SUCCESS.