Smishing, vishing and whaling: How phishing scams are evolving


Watch out when messaging: Phishing attacks are no longer just being mounted as emails. — Photo: Fabian Sommer/dpa

BERLIN: Boring-looking bank emails and would-be family members in distress are just two of the ways that cybercriminals like to fool people into sharing passwords and credit card details.

Alarm bells should always be ringing when a service or person asks for your password, especially for your online banking service, but also for your social media login details or phone number.

Criminals are still targeting the unwary by email to lure them to fake websites, and yet they have also moved far beyond that these days.

Here are an overview the various kinds of phishing techniques that are being used and what you can watch out for:

The relative in need of help: Someone posing as an old friend or relative gets in touch with you on Facebook or some other social media platform, asking for help (or usually money). Often, they will say they they have lost their phone and all their money, explaining why they get in touch with an account or number you don't know.

Smishing: Smishing (a neologism made up of SMS and phishing) is when cybercriminals send a text message baiting recipients into handing over their login data. One widespread scam involves a text message telling you that your package needs to be picked up. Don't click on the link! - Spear phishing: This describes targeted data fishing attacks that focus on a specific group of people, such as staff at a company. If your name and company email address can be found online, then you might get an email that looks like it's from your own company. Watch out for typos, dodgy-looking formatting and unusual requests to log in.

Whaling: This is the term used to describe phishing attacks on big fish, meaning particularly wealthy victims. These attacks will often involve lots of preparation and, like spear phishing, often be targeted specifically at one person.

Vishing: This technical term is a combination of voice and phishing and means nothing other than manipulation and fraud attempts via telephone calls. Often an unknown number will call you and begin an automated recording. Another classic example is of someone pretending to be from Microsoft IT offering to help with something that has been slowing your computer down.

Cybercrime experts recommend two ways you can protect yourself.

1. Never let yourself to be pressured into action.

2. If a would-be company or person wants something from you, then first follow up with a phonecall to a number you can be sure you can rely on.

If worst comes to worst, block any accounts that may have been affected and change your passwords as soon as possible.

Also, secure evidence and file a criminal complaint. If money has been stolen, report the damage to your bank and check if you have insurance that covers phishing attacks. – dpa

Follow us on our official WhatsApp channel for breaking news alerts and key updates!
   

Next In Tech News

PayPal says system issue affecting multiple products
X's former top policy chief takes job with Elon Musk rival, Sam Altman
Alibaba integrates e-commerce platforms into a single business unit
US watchdog issues final rule to supervise Big Tech payments, digital wallets
Nvidia to build AI school in Indonesia, VP says
A Google PC running Android could be in the works
Factbox-US prosecutors demand Google divest Chrome to end search monopoly
South Korea's AI chip investor announces plan for share buybacks
Australian eyes US$30mil fine for social media flouting under-16s ban
US govt calls for breakup of Google and Chrome

Others Also Read