Scammers are using every trick in the book to steal your hard-earned money.
The methods vary, but two of the most popular techniques are called spoofing and phishing.
What Is Spoofing?
Spoofing is when someone disguises an email address, phone number, or website URL to make it seem like a credible source. The FBI noted in a post that it happens “often just by changing one letter, symbol, or number.”
The main goal of spoofing is to try to obtain financial details and/or sensitive information. For example, you might get an email that looks like it’s from your phone carrier asking you to pay a bill – but it isn’t.
Criminals count on being able to manipulate you into believing that these spoofed communications are real, which can lead you to download malicious software, send money, or disclose personal, financial, or other sensitive
information.
What Is Phishing?
Phishing is a form of social engineering where attackers deceive people into revealing sensitive information – often this uses spoofing.
Most commonly, the goal is to steal a user’s banking information, identity, or passwords. However, in some cases, the crooks are trying to distribute malware, such as ransomware. Phishing attacks can be carried out in a number of ways via fraudulent emails, SMS, or websites. Cybercriminals who conduct phishing attacks typically pretend to be legitimate companies, friends, or acquaintances.
Today, phishing has evolved into several variations that use
similar techniques:
- Vishing scams happen over the phone, voice email, or VoIP (voice over Internet Protocol) calls.
- Smishing scams happen through SMS (text) messages.
- Pharming scams happen when malicious code is installed on your computer to redirect you to fake websites.
Small and medium-sized businesses are a particular target for phishing scams because distributing malware to a business can be very lucrative for hackers.
Boost Your Cyber IQ
To help prevent people and businesses from falling victim to phishing scams, experts have revealed some keywords to watch out for in suspicious emails, including “label”, “invoice”, and “post”.
Of course, these words may also be found in work emails, but if they feature one of these themes, they are likely phishing scams:
- A sense of urgency: The email is trying to get you to do something suddenly.
- Fear of missing out (FOMO): The email is trying to tell you that you desperately need to do something.
- Emotion: The email is fraudulently accusing you of something to evoke emotions in you.
- Authority: The email will purport to be from an employer or a person of authority to get you to do something.
How To Avoid A Spoofing/Phishing Scam
Firstly, you should be thorough when checking who the email is from.
Never feel pressured into opening an attachment and avoid clicking the phrase “enable content.”
You should also be wary of links in emails. Remember companies usually don’t contact you for your password, email, or credit card information.
If you’re certain an email you have received is a scam, report it to your email
provider and delete it.