Phishing… fishing for information
We live in a world where people buy more online and are consistently online doing e-banking, e-bill payment and e-shopping, and sharing personal information.
The result is that they leave a digital footprint behind, one that allows cyber thieves to get to your personal financial information and, at best, have a good night out which you are paying for.
Phishers today are well armed with sophisticated tools and techniques. How many times have you heard of a major bank or commercial house being successfully cyber attacked or hacked?
Only recently, here in Malta, BoV went through a similar experience. Now these organisations invest heavily in security – hardware, encryption software, intrusion detection systems, and on and on; as well as scores of IT personnel trained in IT security. And yet they get hit.
No. The good part is that you are unlikely to be subject to such heavy hacking campaigns. Does this mean that you are scot-free? Again, no. There are a number of organised phishers and scammers who specifically target individuals such as yourselves, as against the company.
You have heard of the Nigeria scams: receiving emails saying that you have won this or that lottery and all you have to do is provide sensitive financial details or provide them with a good sum of money. And there you are: robbed. Cyber-robbed.
We at Gemma like to keep things simple. So we picked this definition from www.yourdictionary.com, which says that phishing is a telephone or internet fraud scam, where a scammer sends you an e-mail message that appears to be from (or, over the phone, represents themselves as) a bank or credit card or investment firm to trick you into giving out your sensitive financial information: username, password, account number, etc. And bingo, you are scammed!
I hear you. You say that you won’t fall for it. Well… The phishing attacks are well prepared, and very often well designed. Like the proverbial salesperson on your doorstep, the scammer plays on your emotions or desires (greed is a big one) and leaves you little time to respond, too often nudging you in the direction they want:
• “You won a €500 holiday to Rome: you have 15 sec to click to accept the prize …”
• “Your account will be cancelled if you do not log in immediately” (concern, sense of urgency)
Have you heard of the adverts doing the rounds with famous Maltese personalities urging persons to purchase crypto-currency? No?
One other form of scam is digital impersonation of a famous local personality to buy into a dodgy (that is, scam): follow this link to know what Cyber Security Malta says about this:
And too often the website is professional, and the name, logo and contact details in the signature used by the phisher seem genuine and convincing. You are in such a rush that, failing to note the little discrepancies like a displaced letter in the message’s URL, you take it as the real thing.
(1) If you use Internet banking, check your transactions on an ongoing basis so that, if the worst happens, you catch it as early as possible.
(2) Check your devices (mobile, laptop, computer, tablet, whatever) to make sure that there are no open doors through which a scammer may trawl you over for your sensitive financial information. If you don’t know how, ask a techy from within the family; and if no such person exists, go to the shop you bought the device from and ask them to walk you through the installation process so that they explain and inform you of your vulnerabilities.
Such updates include what are known as ‘patches’: that is, new software introduced by the owner which sometimes includes closing down vulnerabilities within the system which could leave you open to a scamming attack.
Additionally, some more tips to prevent phishing attacks:
- Always have strong passwords (characters, numbers, upper case, lower case, at least 8 characters)
- Change passwords regularly
- Be cautious about what personal data you provide
- Delete immediately any emails which look dodgy
- If you open an email and you are asked to click on a link, don’t do it. First check out the origins of the email keeping in mind that this may be a rogue
- Ask when in doubt
- Do not leave devices unattended; lock them
- Be cautious with the information you share on the web and social media
- Delete immediately junk or unknown email
- Encourage family members and friends to take these measures
- Check whether the link looks suspicious
AND ALWAYS, WE MEAN ALWAYS, KEEP YOUR ANTIVIRUS ON. AND ALWAYS, AND WE MEAN ALWAYS, UPDATE YOUR OPERATING SYSTEM WHEN YOU ARE ASKED TO DO SO BY THE COMPUTER.
You can find more information about phishing on www.cybersecurity.gov.mt.
How can you respond to a phishing (or spoofing) attack?
Contact the police and Cyber Security Malta. Cyber Security Malta can be contacted via https://cybersecurity.gov.mt/contact-us/
‘Phishing’, ‘spoofing’, and ‘scamming’ mean the same thing.