Have you received suspicious emails, phone calls, or other types of messages recently? You may have been the target of a phishing scam. While it’s sometimes easy to spot a fraud, scammers continue to grow in sophistication and they tug on our emotions to elicit a quick response. As we enter a new year, brush up on your cybersecurity knowledge by learning about the latest phishing scams.
What is phishing?
While phishing is commonly recognized as a cybercrime, it’s important to realize that phishing attacks can originate from multiple sources including phone calls and text messages as well as digital sources like email and social media messages.
Phishing scammers pose as legitimate institutions such as banks, retailers, utility companies, and more. Their objective is to persuade you to provide sensitive information such as bank account and credit/debit card numbers, login credentials, your social security number, and other personally identifiable data.
Once successful, phishers will use your information to steal your identity and/or money. While anyone can be targeted by phishing attacks that cast a wide net by mimicking popular services or taking advantage of current events such as the Coronavirus pandemic, executives and people in accounting or HR are most likely to receive attacks simply because their information is usually published on company websites, job listings, etc.
How to recognize a phishing scam
Before we get to specific scams, memorize these common features of all phishing plots to help protect yourself from falling for one.
- If it seems too good to be true, it probably is. Whether a really good price on a popular item or a lavish prize for a sweepstakes you don’t remember entering, beware!
- You feel rushed. A sense of urgency is another red flag. Scammers don’t want you to think it through and realize it sounds fishy, so they try to pressure you into a split-second decision.
- Hover before you click. Just because a link says “The First National Bank of Newtown,” for example, doesn’t mean the actual URL is for our legitimate website. That’s why it’s best to hover before you click so you see the full web address and check for irregularities.
- Don’t open emails from unknown senders. Don’t open messages from senders you don’t recognize. Of course, scammers will also try to impersonate legitimate senders, so scan the email address carefully.
The same goes for attachments. Phishing scammers can use attachments to infect your device with ransomware or other viruses. Don’t open any attachments you weren’t expecting or that come from unknown senders.
Types of phishing scams to look out for in 2021
Now that you can recognize the signs of a phishing scam, learn about the specific approaches scammers are taking right now.
Occurs via email and phone. Usually tries to elicit an emotional response. For example, you could receive an email that fraudulent activity has occurred on one of your accounts, an account is being deactivated, there’s a billing issue with your Amazon account, you’ve won something, etc.
Whereas regular phishing is more like casting a wide net, spear phishing targets specific individuals or organizations. Spear phishing is a campaign that was purposefully built by a threat actor with a goal of penetrating one organization. Executives, Accounting people, and HR are particularly prone to spear phishing campaigns.
It’s easy for scammers to make a website that looks and functions similarly to a real website. This can trick you into unknowingly sharing your personal data, which scammers can then use to login to the website they were emulating. If you use similar passwords on multiple websites, scammers may also be able to access your other accounts using the same login credentials.
These phishing attacks via SMS/text message are also popular nowadays. They use the same tactics as outlined above, with the goal of trying to get you to click on a (probably suspicious) link.
Money Mule Scams
This type of scam usually begins with someone offering you a job, contacting you about a sweepstakes prize you’ve “won,” or striking up a romance with you through online dating platforms. Soon enough, they ask if they can send you money and have you send it to someone else, usually via a wire transfer or gift card. Just say no and cut off contact. Otherwise, you may end up moving stolen funds or losing your own money when the check they gave you turns out to be fake.
As the Coronavirus pandemic continues into 2021, you can expect to see scammers continue to take advantage with fake offers for test kits, vaccines, and more. A good rule of thumb is to seek out information from reliable sources, such as news outlets and government websites, instead of responding to information sent to you from unknown sources. Read our article on Covid-19 Scams in Bucks County to learn more.
The First is here to help!
At The First, your privacy and security are important to us. The more you learn about cybersecurity and common scams, the better protected you’ll be. Visit our Security Center for related topics, find the latest updates from The First, and contact us if you have any questions about your account(s). We are proud to be your trusted community partner for more than 150 years!