Smishing, vishing and whaling: How phishing scams are evolving


Watch out when messaging: Phishing attacks are no longer just being mounted as emails. — Photo: Fabian Sommer/dpa

BERLIN: Boring-looking bank emails and would-be family members in distress are just two of the ways that cybercriminals like to fool people into sharing passwords and credit card details.

Alarm bells should always be ringing when a service or person asks for your password, especially for your online banking service, but also for your social media login details or phone number.

Criminals are still targeting the unwary by email to lure them to fake websites, and yet they have also moved far beyond that these days.

Here are an overview the various kinds of phishing techniques that are being used and what you can watch out for:

The relative in need of help: Someone posing as an old friend or relative gets in touch with you on Facebook or some other social media platform, asking for help (or usually money). Often, they will say they they have lost their phone and all their money, explaining why they get in touch with an account or number you don't know.

Smishing: Smishing (a neologism made up of SMS and phishing) is when cybercriminals send a text message baiting recipients into handing over their login data. One widespread scam involves a text message telling you that your package needs to be picked up. Don't click on the link! - Spear phishing: This describes targeted data fishing attacks that focus on a specific group of people, such as staff at a company. If your name and company email address can be found online, then you might get an email that looks like it's from your own company. Watch out for typos, dodgy-looking formatting and unusual requests to log in.

Whaling: This is the term used to describe phishing attacks on big fish, meaning particularly wealthy victims. These attacks will often involve lots of preparation and, like spear phishing, often be targeted specifically at one person.

Vishing: This technical term is a combination of voice and phishing and means nothing other than manipulation and fraud attempts via telephone calls. Often an unknown number will call you and begin an automated recording. Another classic example is of someone pretending to be from Microsoft IT offering to help with something that has been slowing your computer down.

Cybercrime experts recommend two ways you can protect yourself.

1. Never let yourself to be pressured into action.

2. If a would-be company or person wants something from you, then first follow up with a phonecall to a number you can be sure you can rely on.

If worst comes to worst, block any accounts that may have been affected and change your passwords as soon as possible.

Also, secure evidence and file a criminal complaint. If money has been stolen, report the damage to your bank and check if you have insurance that covers phishing attacks. – dpa

Follow us on our official WhatsApp channel for breaking news alerts and key updates!
   

Next In Tech News

Albania bans TikTok for a year after killing of teenager
As TikTok runs out of options in the US, this billionaire has a plan to save it
Google offers to loosen search deals in US antitrust case remedy
Is Bluesky the new Twitter for teachers in the US?
'Metaphor: ReFantazio', 'Dragon Age', 'Astro Bot' and an indie wave lead the top video games of 2024
Opinion: You can pay for white noise, but you don’t need to
Rumble to receive $775 million strategic investment from Tether
OpenAI unveils 'o3' reasoning AI models in test phase
Qualcomm secures key win in chips trial against Arm
US finalizes up to $6.75 billion in chips awards for Samsung, Texas Instruments, Amkor

Others Also Read