Phishing: An introduction

March 11, 2020

Phishing is a common tactic that cyber criminals use to steal personal and financial information from you. Phishing messages usually take the form of an  email or phone call from a cyber criminal who is pretending to be someone they are not, such as your bank.

Cyber criminals have become increasingly sophisticated in their phishing campaigns.

Arm yourself with the following tips so that you can be vigilant about staying cyber secure.

What does phishing look like?

Phishing messages appear to be from a legitimate source but, in reality, they are from cyber criminals who are attempting to trick you into sharing sensitive information. In these messages, cyber criminals frequently use scare tactics, such as threatening to close your accounts or arrest you unless you give them information that you would ordinarily keep secure. If successful, the cyber criminal can use that information to steal your identity or to gain access to your accounts.

For example: Many cyber criminals claim to be from government organizations and threaten potential victims with fines or an arrest if they do not call them back with personal information.

What are the different forms of phishing

Phishing refers to any attempt to steal information, whatever the means. Phishing messages can come in almost any form: Emails, text messages, social media direct messages, or phone calls.

In most cases, cyber criminals’ phishing campaigns are untargeted attempts to solicit personal details by casting as wide a net as possible to get people to respond.

However, there are more specific versions of phishing that are worth knowing about:

Smishing
Is a phishing attempt through SMS (text message).
Spearphishing
Is a hyper-targeted phishing attempt in which a message is designed to sound like it’s coming from a source you know personally.
Whaling
Is a phishing attempt aimed at a high-profile target such as a senior executive or other high-ranking official in an organization or government department.
Spoofing
Involves creating a fake website to get someone to share their personal information

The dangers of falling for a phishing campaign

Falling for a phishing scam can be very costly; you can lose money and your personal identity.
Cyber criminals can use the information that they gather to steal your financial information, open accounts in your name, or steal your identity.

How to protect yourself from phishing campaigns

There is no simple way to ensure you are 100 per cent protected against phishing campaigns.

Phishing campaigns are becoming increasingly elaborate, and the growth of digital platforms, like social media, have given cyber criminals many opportunities to reach victims.

The best way to protect yourself from a phishing campaign is to be extremely cautious any time you receive a message that asks you to reveal personal information – no matter how legitimate that message may appear on first glance.

Whenever possible, you should try to verify requests for information through another means.

For example: If you receive a message from your bank requesting you take immediate action to click on a link or verify some information, simply call your bank branch directly to verify the message’s legitimacy.

Remember, most legitimate organizations will never ask you to reveal information through an email or text message.

Conclusion

Phishing campaigns can be difficult spot. Cyber criminals have become experts at using sophisticated techniques to trick victims into sharing personal or financial information.

But the best way to protect yourself is to learn how to spot a phishing scam before you take the bait.


Follow Get Cyber Safe on Twitter, Facebook and Instagram.


Comments

By submitting a comment, you agree to have Public Safety Canada collect the comment and publish it on this website (comment policy).



Comments

There are no comments at this time

Date modified: