3 Common Phishing Scams and How To Deal With Them

12 months ago

Phishing scams are constantly evolving and becoming more sophisticated every day. This means these scams are becoming more convincing and harder to spot. We’ve compiled a list of the most common phishing scams, how to spot them and what to do when you receive one.

Extortion phishing

Extortion phishing, and password extortion in particular, has become quite a common tactic recently. Many people have reported receiving phishing emails with their password in the subject or opening line, for example “I am aware XXXXXX is one of your passwords”. This is usually followed by a demand for payment in Bitcoin.

If you receive one of these emails, change your password ASAP. You can also use www.haveibeenpwned.com to check whether your email has been compromised in a data breach.

Sextortion phishing

Sextortion phishing takes extortion phishing one step further by preying on people’s digital-age fears. These emails threaten the victim by claiming to have access to their webcam and compromising footage of them watching pornography. In some cases, hackers have also claimed to have access to incriminating search history. The hackers then threaten to expose the footage and search history to the victim’s friends, family, and colleagues unless the victim pays them in Bitcoin. Some phishing emails combine both threats, a password and compromising footage, as shown in the example below.

If you receive one of these emails, do not reply or send money. These emails are sent out to thousands, even millions, of people, and usually the senders are just bluffing. If you feel unsafe, you can cover your webcam with some tape or invest in a laptop with a webcam cover like the new HP Elitebook.

An example of a sextortion phishing email.
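
A mail-triage check built from the indicators described in the two sections above: a password claim in the subject or opening line, a Bitcoin demand, and a webcam, footage or search-history claim. This is an added example, not code from the original article; the regular expressions, the `triage` function name and the sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string, policy

# Indicators come from the descriptions above; the regexes are assumptions.
PASSWORD_CLAIM = re.compile(
    r"\b(?:is|was)\s+(?:one\s+of\s+)?your\s+passwords?\b", re.I)
PAYMENT_DEMAND = re.compile(r"\b(?:bitcoin|btc)\b", re.I)
FOOTAGE_CLAIM = re.compile(r"\b(?:webcam|footage|search\s+history)\b", re.I)


def triage(raw_message: str) -> list[str]:
    """Return the scam labels whose indicators all appear in the message."""
    msg = message_from_string(raw_message, policy=policy.default)
    subject = str(msg.get("Subject", ""))
    part = msg.get_body(preferencelist=("plain",))
    body = part.get_content() if part is not None else ""
    # The password claim is expected in the subject or the opening line only.
    opening = next((ln for ln in body.splitlines() if ln.strip()), "")
    if not PAYMENT_DEMAND.search(body):
        return []  # no Bitcoin demand: not one of these two scams
    labels = []
    if PASSWORD_CLAIM.search(subject + "\n" + opening):
        labels.append("password-extortion")
    if FOOTAGE_CLAIM.search(body):
        labels.append("sextortion")
    return labels


# Constructed sample messages (not real emails).
SAMPLE_PASSWORD = (
    "Subject: I am aware XXXXXX is one of your passwords\n\n"
    "I am aware XXXXXX is one of your passwords.\n"
    "Pay in Bitcoin to keep this private.\n")
SAMPLE_COMBINED = (
    "Subject: Read this\n\n"
    "I know XXXXXX is your password.\n"
    "I also recorded webcam footage of you. Pay in Bitcoin.\n")
SAMPLE_BENIGN = (
    "Subject: Your password was changed\n\n"
    "Your password was changed on Monday.\n"
    "If this was not you, contact support.\n")

if __name__ == "__main__":
    for name in ("SAMPLE_PASSWORD", "SAMPLE_COMBINED", "SAMPLE_BENIGN"):
        print(name, triage(globals()[name]))
```

A `password-extortion` label is the cue for the password change recommended above; a `sextortion` label marks a message to quarantine without replying.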

Deception phishing

The most common type of phishing attack is deception phishing. This is where a hacker sends an email posing as a reputable brand, government agency or someone you know. Usually, there will be a threat involved or an attempt to access your payment information. These types of attacks aren’t limited to email; they’ve also spread to social media. If you use the same password across multiple platforms (email, social media, banking, etc.), then you may have your social media accounts compromised by hackers impersonating you and asking your friends for money or gift cards.

To avoid this, try to use different passwords for your accounts, so that if one account is compromised you know they won’t be able to use that password on your other accounts.

Although these scams are becoming harder to spot or avoid, there are precautions you can take such as password management and enabling two-factor authentication. Similarly, you can safeguard your business from these attacks with Milnsbridge’s SOE and Managed Security services. To find out more call us on 1300 300 293.
