Are we good lie detectors? Don’t fall for the Nigerian Prince!
It is a dream come true for many that we wake up and receive an email from the Nigerian Prince claiming that he would like to offer us a huge sum of money. And to receive it, all we have to do is click on a link or send him our banking details. It seems too good to be true, right? But many of us fall for such emails.
What is a phishing attack?
Phishing is a form of social engineering attack which uses psychological manipulation to perform malicious scams. Perpetrators will first gather background information about the intended victim, such as their personal interests or social connections. After that, they will orchestrate, dig into the victim’s personal life and pounce on their weaknesses. They will progress to obtain the victim’s personal data, such as their login credentials or credit card numbers.
We are well-aware that scammers exist, but why are they unavoidable? Well, that’s because there are many types of phishing techniques.
Types of phishing techniques
Email Phishing: Oops! You got tangled in the nets we cast!
One of the most ancient types of phishing is email phishing, which addresses a mass group of victims. Perpetrators often inform victims in mass that there is a breach in their accounts. In this case, users are always asked to click on the provided link in response to the compromise. It is a very common kind of phishing, but we often fall into the hands of hackers when we are desperate for our data.
Get ready to lose a fortune once you take the bait on “unpaid bills”. Mass emails are sent to stressed customers in which a link is attached, claiming to help users pay their overdue expenses. Utilizing householders’ agitation, perpetrators will be able to gain access to victims’ security details.
Spear Phishing: We need your help!
Say your colleague has gone on holiday to Paris. From the pictures she posted on social media, she is having a good time there. A few days later, she reaches out to you, apologizing for bothering you, but her passport has been stolen. Fortunately, she recalls your email address and wonders if you could wire her some money through the link attached to the email since she is in a tight spot.
That is spear phishing.
Spear phishing has personalized targets. Perpetrators usually have some of the information, like the place of employment and job title of the victims. Individuals may receive seemingly legitimate emails from trusted people or organizations, who are actually hackers behind the facade. They are often redirected to a fake website where they are asked to enter information that reaches the hacker.
Whale Phishing: Oh no! You are swarmed.
To all CEOs, CFOs and high-level executives, you have a target on your back!
Like Orcas, which are at the top of the food chain, whale phishing aims at prominent and powerful individuals. Scamming ordinary people is one thing, but targeting senior officials is another. Influential individuals of an organization are impersonated by perpetrators. Their influence on the company will help whalers collect confidential organizational data about the company and receive massive amounts of funds from their subordinates.
Say you receive a message saying “I am stuck in a meeting right now. It would be great if you could transfer a new vendor payment to China. I want it done by today.” In that surge of panic, you might neglect all the red flags of the email and wire the money without questioning the credibility of the message.
In 2015, a finance executive received a note from Christopher Sinclair, CEO of Mattel, requesting a transfer. Later on, the request was approved as the other two high-ranking managers did not find it suspicious. When the transfer was mentioned, the CEO denied any such request and the company lost nearly US$3 million.
Real-life phishing attacks: it is closer than you think!
Phishing is not limited to emails. For instance, the “Grandparent Scam” is a kind of spear-phishing that manipulates victims’ weakness and fear, leading them to impulsive actions. Think about receiving a message about the safety of your loved ones. Would you fret and fall prey to money-hungry perpetrators?
A senior woman from Florida was robbed of more than US$700,000 after being convinced that her granddaughter was in grave trouble. According to her attorney, she was asked to make multiple withdrawals from her bank. Another example involves 93-year-old Ester Rice being told that her grandson was in jail and required a huge sum of money to bail him out. Fearing for her grandson, Rice compromised and lost US$8,900.
How to avoid getting phished
Losing all your money due to phishing is one of the worst things that can ever happen to a person. To avoid falling into the claws of evil hackers, here are a few steps to avoid getting phished.
Step 1: Think before you proceed
Keep calm. Do not feel pressured to make a decision instantly. Stop and check the credibility of the person who approaches you before taking the next step. For example, if the message is said to be from a family member, take some time to check up with the actual family member.
Step 2: Do not fall for the baits
Ignore any message or email that requires you to click on the link, unless you are sure that it is credible and legitimate.
Step 3: Avoid dishing out your personal information
Double-check and question the company or person in charge. Never send confidential information through emails or fill in personal data through the links in the email.
Step 4: Plan for the worst.
If you, unfortunately, fall prey to a scam, speed is essential to getting your money back. Call your bank immediately. If, by chance, you are scammed in the U.K., you will have a chance to get your money back because banks have got you signed up for a contingent reimbursement model code. It is a procedure to ensure that customers can get their money if they ever experience scams.
Needless to say, avoiding scams is easier said than done. Being aware of phishing scams is the best way to prevent yourself from becoming the target of a scam. Keeping your eyes open for any suspicious emails and spotting them out as early as possible will greatly lower the possibility of being phished.
- What Are the Top Five Cybercrimes?
- What Are the Top 5 Cryptocrimes?
- Common Crypto Scams and How to Protect Yourself Against Them
- Most Destructive Computer Viruses in History
Header image courtesy of Pexels