#Middlebury #Phishing
By JUSTIN GOLDEN
Phishing refers to tactics someone uses to try to gather confidential and sensitive information from you by tricking you into believing you should share personal data such as your identification, password and credit card details with them because they appear to be a trusted entity like family, a friend or colleague. It’s a takeoff on the summer activity, fishing, but instead of using live bait, hooks or lures they appeal to your inclination to reply quickly without much thought or careful consideration. It’s a type of social engineering that uses deception while appearing genuine and legitimate.
Phish Me, a company that provides education and services to reduce the likelihood of companies falling for these constant and increasingly sophisticated schemes, estimates that “91 percent of cyber attacks start with a phishing email” as recounted in an article in Digital Guardian by Anas Baig.
“Phishing can come in the shape of phony confirmation emails for online purchases, job applications, failed delivery notifications, security updates and even legal notices, each of which can be used to instill a sense of urgency or fear to further increase targets’ odds of taking the bait,” Baig said.
Graham Cluley, a computer security analyst, writes a newsletter that tells of a new trend that will give you even more pause while you’re online. The phishers target PayPal users not only for their login credentials but also for selfies of them holding their ID cards. You receive an email informing you that PayPal has suspended their account “for security precaution.”
As you no doubt have experienced, the phishing email usually employs poor grammar with bad spelling. It encourages the individuals being scammed to provide their name, address and credit card number. If you fall for that, then they’ll ask for even more personal information such as a form of identification like a driver’s license along with a selfie of you holding it.
Google was the victim of a phishing scheme that focused on their worldwide Gmail customers. The tactic mimicked legitimate Google emails, and it appeared in your inbox telling you someone shared a Google doc with you. Once you clicked on the button in “Open Docs” everyone in your address book was sent an email from you as the sender. The idea was to spread this as broadly and quickly as possible.
According to Digital Guardian, you should take these online precautions
- Carefully examine the senders of unsolicited or unexpected emails.
- Check links – don’t click on any links within emails.
- Search Online – do a search to investigate the validity of communications.
- Look out for typos – email from a reputable company with typos or poor grammar indicates it is illegitimate.
- Use multi-factor authentication – two forms of identification, e.g., a password and a security question.
Most cyber attacks and data breaches can be prevented by educating yourself on how to work more carefully while online.
Don’t become the next cyber security hacking statistic. Contact Golden Technology Services Inc, at 972-670-9738 or info@gtscloud.com to reduce your online risks.