In this day and age you can never be too careful when it comes to protecting your personal information. With today's technology there are numerous ways in which the modern criminal will attempt to fool you into forfeiting valuable information. Phishing is when individuals try to scam innocent people by sending them emails claiming to be legitimate businesses. The scammer designs the email out to look very realistic, some almost identical to the company that they are trying to impersonate. The phony email will then request personal information from you by directing the user to another website. At this website they will request a password reset or account numbers in order to use this information for their benefit. This is one of the most popular ways to become a victim of identity theft, the user will give up the requested information thinking that they are giving it to a trustworthy source.
One example of a phishing scam came in 2003 when attackers set up a fake email pretending to be eBay. The email alerted the individual that their account will expire unless they renewed their credit card information. The victim would then input all the necessary information into a fake website hosted by the criminal in order to steal their credit card information. Many fell victim to this scam and is one of the most notorious to date. Don't fall victim to this, be aware that banks and other companies who hold your valuable information will never send you an email requesting this sensitive information. The criminals that capitalize off of crimes of this nature are very tech savvy and have numerous tricks to fool the common person. These scams are sent in mass emails to random targets. The mailer knows not everyone will have accounts with the business he is spoofing, but a lot of individuals will.
Beware, the scammer can also pose as a coworker or even a superior. In this case they will ask you something that is work related and have you give up sensitive information without thinking twice about it. Always be on the lookout for misspelled URL's. The attacker will try to impersonate the legitimate website to the best of their ability. Also be on your toes and question everything that is sent to you unless you know the source personally.
Types of Phishing
- Spear Phishing: This is phishing with a specific individual or company targeted
- Clone phishing: In this case the sender will use a real copy of a legitimate email that is from a real company. The catch is that they will attach a link to the real email redirecting the individual to the fake website.
- Whaling: This is phishing with one intended target. Whaling targets an individual in a very high position.
- Rogue Wi-F: Attackers will set up a free Wi-Fi access points and configure them to run man in the middle attacks in which they can access valuable information.