Can you guess how much money was lost to phishing in 2020? An estimated € 54 million!
According to the FBI report phishing is an all favourite of the cyber-criminals over the past five years. Every day, people fall for scams on the regular, leaving them out of pocket, slightly confused, and upset when they can’t afford their vacation to Barbados. Therefore, to avoid the undeniable disappointment and frustration, it’s essential to understand phishing, preventing you and your loved ones from falling victim. Oh, and to ensure you have enough spending money for that trip…
To help clear up the confusion surrounding phishing, this article is full of information what it is and how to protect yourself. However, the overarching theme is how millions of pounds, euros, dollars, and other currencies are lost each year due to phishing via SMS and other scams – we’re here to help you prevent this from happening to you, whether it’s the first time, or tenth time (we really hope it isn’t the tenth time…).
So, without further ado, let’s reel it in and get to it.
What is phishing?
To begin with, we need to discuss what phishing is. According to Phising.org, phishing is a cybercrime whereby criminals contact you by email, text, phone, or other digital means in an attempt to lure or trick you into providing them with your private and personal information, such as bank details, passwords, and security questions and answers.
As you can imagine, if a criminal has these sensitive details, they can cause unrivaled financial harm, perhaps taking it further, committing other crimes and appearing to be you (posing real concern and consequences). There are numerous ways to protect yourself against phishing. However we will first discuss the different types of phishing methods used by cybercriminals in more detail.
What are the different types of phishing?
As previously touched upon, there are many different types of phishing used by cybercriminals. For example, these phishing techniques include:
- Deceptive phishing
Some of these phishing types can be used in combination with another, usually deceptive phishing (it may sound like something from James Bond, but it’s a serious thing!), impersonating a legitimate company or business through the use of real links and information to convince people to send over their personal and confidential information. Often, when you think of phishing, the definition we associate with the term is the deceptive kind.
Criminals will use real company details, whether this is brand details such as a logo or real links to websites, such as your local parcel company. However, they also embed HTML code and other details to steal your information, whether via a hack, or most commonly, by tricking you into sending over your personal information.
Deceptive phishing is a lot like guess who, a lot of the characters look familiar, but unveiling who is the criminal and who is the real deal can be difficult, especially as criminals impersonate real companies. For this reason, it’s extra important to pay attention to the smaller details, such as spelling mistakes in emails or text messages, unusual behavior, messages from unknown numbers and regular mobile numbers, spam emails, detecting modified brand details, although this can be rather challenging, especially if you don’t know what exactly you’re looking for. So, if you want to win the game of guess who, not making a fool of yourself in the process, then you need all the deets on how to prevent a phishing scam from happening to you. And no, playing guess who does not count as practice…
Within deceptive phishing, there is also what is known as “vishing,” and no, it’s not the Wish version of phishing…, but certainly a weird-sounding term. Vishing is a type of phishing that occurs over the phone, with targets contacted via a call while the criminal pretends to be someone else (an odd bit of roleplay), such as a bank or delivery service. As we’re sure you’re aware, bankers don’t contact you via mobile, so if you fall for that one, then perhaps it’s on you.
Anyways, spotting vishing is usually fairly simple: often scammers will inundate you with technical jargon (this is, in fact, nonsense…) in an attempt to confuse you. Also, will be unable to provide you with any further details when asked specific questions (you also get to make a fool of them!). Furthermore, caller ID is often used, and if not, you can detect the mobile number anyways – now that’s what you call a poor attempt at phishing, not even setting up the bait correctly.
Smishing is one of the most common types of phishing, paired with deceptive phishing (no, stop thinking of James Bond, this is a serious topic!). However, what is smishing? Smishing is phishing done via smartphone, contacting targets via SMS or text message. Generally, this type of phishing uses deceptive links to trick people into giving away sensitive information. However, can also include the download of malicious apps for remote control of a device, link stealing forms, and other deceptive acts such as asking targets to “contact” customer support for assistance. However, yes you guessed it: the scammer is customer support, looking to steal your information. Surprise, right?
Stay tuned to learn more!