“Phishing” for Information
As the sun sets, fiery orange reflections are painted upon the glossy pond water. You’re perched on a lawn chair beside the water, fishing pole in hand. Finally, a tug at your line, and you excitedly jump up and reel in a huge bass. This is the life, you think.
Unfortunately, this isn’t how everyone goes fishing. While you’re harmlessly and peacefully fishing for your dinner, a criminal is putting an entirely different meaning to “phishing.” The difference between fishing and phishing: one man’s harmless hobby is another man’s criminal act. As a fisherman puts a worm on his hook to attract fish, a criminal uses evil methods of deception to reel you in for the catch.
Okay, enough similes. So, what exactly is “phishing”? Well, phishing is a type of cyber attack that is common due to its technological simplicity. The hacker must disguise him/herself as a moral human being to appear as a reputable source to the victim online. The hacker typically uses a fake email, text message, or phone number, disguised as a legitimate business, taking advantage of the victim’s vulnerability to acquire their sensitive personal information. Essentially, the hacker lures the victims into providing their own personal information.
Often, hackers will send emails as an attempt to easily acquire your information. A list of common features that indicate a phishing scam has been provided by phishing.org. If you receive a fishy, or should I say, a phishy email, look for these warning signs:
- Always pay attention to the sender. Yes, junk mail comes, but don’t risk it! An unexpected email from an unfamiliar sender is a red flag for a phishing scam.
- Often, the sender could also be someone you know, whose account has been hacked. If you receive an unusual email from someone you know containing a link, don’t open it. Instead, contact that person directly to ensure that their account has not been hacked.
- “Congratulations, you won a cruise to a private island for a month-long stay! All expenses paid! Don’t ask questions; just click the link!” Emails with ridiculous, unrealistic offers and freebies are a hoax.
- Hackers will send you emails containing attachments. Watch out! Pay very close attention to random, confusing emails from unfamiliar sources. Attachments and hyperlinks within phishing emails contain viruses and ransomware. Do not click to open the attachment! Clicking the link can instantly download a virus to your computer.
- Most phishing scams have no subject line or a subject line that does not make sense.
If you’re paying close enough attention, a phishing scam can be simple to identify and avoid. For this reason, criminals have modified the scam into a more sophisticated approach called “spear phishing.” Since using a random disguise wasn’t always successful, hackers took phishing to a scarier level.
With spear phishing, hackers use personal information to find businesses and people that you are connected with, such as a close friend or a colleague. In the emails, the hackers have begun to use bits of the victim’s personal information to make it more difficult to identify a phishing scam. Any personal information that you have posted online can be found and used to a hacker’s advantage. Hackers use your personal, relatable information to distract you, making you feel comfortable and ultimately gaining your trust. As a result, you are tricked into handing over your own personal information to a thief.
Awareness decreases your chances of falling into a phishing scam trap. Keep in mind that emails, text messages, and telephone calls could be a phishing scam, even if your personal information is included. For your own safety and security, avoid giving out your personal information if at all possible.