Scammers Are Getting Savvier, So We All Need To Get Smarter
Phishing scams are getting more sophisticated. Stay informed and keep your private information private.
Phishing scams are getting harder and harder to spot. And they target anyone, not just your elderly aunt who doesn’t quite know her way around the internet.
Scammers are simply savvier now. Says Sean Duca, Vice President and Regional Chief Security Officer—Asia Pacific at Palo Alto Networks, scammers will often tailor their messages to look more legitimate.
“For example, scammers may attempt to target working professionals by impersonating their co-workers over email, or sending files named to resemble important working documents,” he tells Asian Money Guide.
Phishing prevention best practices: Some phishing scams are easier to spot than others
Image: Christiaan Colen/Flickr
There are three kinds of phishing scams:
1. Low complexity attacks
These include the dissemination of wide-spread email, with the intention of being able to catch at least a few victims, with no particular targets in mind.
How to spot them: These scam emails are identifiable through the poor usage of grammar, plain text formatting, and/or are sent from dubious sources.
2. Medium complexity attacks
These phishing attacks consist of emails that look more credible, usually including actual branding from legitimate websites.
How to spot them: These emails are harder to identify as scams due their good format and grammar. A possible trigger warning would be the impersonal nature of these emails.
3. High complexity attacks
These are the trickiest to detect; these scams involve receiving emails from known or trusted authorities. They look more legitimate because attackers use specific details about a victim by getting information from internal and public sources with the aim to set a cyberthreat in motion.
How to spot them: They are often an unusual or unexpected request.
New phishing scams and strategies to be aware of
1. Scams on messaging platforms
Scammers are now using new platforms, specifically messaging services like WhatsApp or Telegram.
“Common phishing campaign techniques involves sending text messages with offers of prizes or promotions,” says Duca. “These ‘incentives’ work to encourage recipients to click on a link or call a telephone number. The victim will then be asked to release personal information to the attacker, who is masquerading as a bank or perhaps an online shop.”
2. In-app notifications
Some scammers are also starting to use in-app notifications. While an app is running, pop-ups appear to encourage app users to enter their app ID and password. These pop-ups, Duca says, can also appear on the lock screen, the home screen, and also while other apps are running.
“Even the most cautious of users can be tricked into falling for phishing scams,” Duca continues. “This is why it is crucial for both organisations and individual users to pair good awareness with strong security solutions in order to protect themselves effectively again cyberthreats.”
Now that you're more aware of the different kinds of phishing scams, the best thing to do is to always err on the side of caution. Refrain from revealing personal information online, even when it seems perfectly harmless.
We hope you found this article on phishing scams helpful. Let us know what you think in the comments!
You may also be interested in the articles below: