Phishing scams are everywhere, particularly during the holiday season as cybercriminals seek to take advantage of unsuspecting online shoppers. These types of online scams can be particularly devastating, with victims often seeing their entire savings wiped out, their identity stolen and personal information published on the dark web.
Cybercriminals are getting smarter every day. In order to stay ahead of them, it’s important that you remain up to date with their latest tricks and tactics. Educate yourself, your friends and your family about the types of scams that online crooks like to carry out around the holiday period to ensure the safety of those close to you.
What is phishing?
A phishing scam is an attempt by a cybercriminal to trick you into sharing personal details. This can include your personally identifiable information, financial details and online account login information.
In order to undertake a phishing scam, a cybercriminal will imitate a trusted business such as your bank, internet service provider or workplace. They will contact you, usually via text or email, and ask you to confirm personal details as a matter of urgency.
For example, you might receive an email from “your bank”, informing you that there has been suspicious activity on your account. The email will ask you to login (via a provided link) to confirm nothing is amiss.
This link will take you to a page that appears to be genuine but is actually completely fabricated. The cybercriminal is hoping that you will login and provide them with all of your financial details, which they can either sell on the dark web or use to wipe your accounts.
Common phishing scams
There are many different types of phishing online scams, all with the same aim of stealing your personal information.
A phishing attack generally targets thousands of potential victims, with criminals hoping that a few will fall for their scam. In contrast, a spear phishing attack is highly selective and usually focuses upon a single member of a workplace environment.
A spear phisher is hoping that their victim will click on links in an email or open malware ridden attachments so that they can infiltrate a company’s server, steal corporate information and destroy systems.
Whaling is very similar to spear phishing in that the victim is well-identified and thoroughly researched before the attack is carried out. The main difference between the two is that a cybercriminal undertaking a whaling scam will pretend to be someone within an organisation, usually a CEO or senior executive. They will attempt to convince their target to share personal information or transfer large sums of money, and are often successful in their goal.
Also known as “voice phishing”, vishing occurs when a scammer carries out a phishing attack over the phone or via voicemail. They may pretend that you have won a prize or are being offered a free gift, providing that you share your credit card details.
How can I protect myself?
Cybercriminals know that more of us are shopping online this holiday season and are looking to capitalise on this opportunity by conducting wide-scale phishing attacks.
Follow these cyber safety tips to protect yourself and those around you across the Christmas and New Year periods.
- Don’t click on suspicious links: Avoid clicking on suspicious links in emails, text messages and on websites. Should you receive a message from “your bank” asking you to check your bank balance, open a new browser and type the URL rather than following a link.
- Research online stores before purchasing: It’s always a good rule of thumb to make sure that an online e-commerce website offers customer service and has a social media presence before making a purchase. These are indicators of a legitimate company, not a criminal trying to steal your personal details.
- Be wary of all communications you receive: If you get an email from your boss asking for your phone number, call them yourself. Check the email address carefully for odd spellings and use of punctuation before responding to any messages.
- Install a phishing filter: A phishing email filter will automatically scan all incoming messages for signs of spam and move any suspicious messages to your junk folder. It is not fool-proof, but can be a valuable tool in protecting you against online scams.
Doing your holiday shopping is stressful enough without entertaining the risk of phishing attacks. Keep your guard up and share this information with those around you so that we can all stay safe online.
Bridget Black is a writer and editor, currently living in Melbourne. She is a copywriter for Newpath Web and loves working with words of all shapes and sizes. When not playing around with punctuation and grammar, she enjoys travelling and curating her Spotify playlists.