Burton Kelso, Tech Expert
How to Avoid Phishing Scams This Holiday Season
Updated: Dec 20, 2020
I know I've been writing about scams for the past couple of weeks, but the pandemic has cybercriminals crawling out of the woodwork to take advantage of all of the chaos COVID19 has caused. With many of you working from home, there has been a rise in phishing scams. which used to target only individuals and the elderly, but now criminals want to take advantage of those of you who are no longer under the protective umbrella of your corporate IT department. Phishing scams come in many forms so it's essential for you to know what steps you and your family need to do to keep safe from these latest cyber attacks
What is phishing? Phishing is the act of cybercriminals attempt to get your personal information over your landline or cell phone by preying on your fears and other emotions. This is called social engineering, which is the act of using threatening actions towards you or preying on your emotions in order to get financial or personal information. VOIP (Voice over IP) technology enables criminals to spoof caller ID so the incoming call looks like it comes from a trusted source.
Why are these attacks on the rise? Phishing has been around for well over 10 years, but it has increased in recent months because of the pandemic. With many companies shifting to a remote workforce means more people are working from home and being more accessible by smartphone and landline. Covid19 is the central theme with Vishing and criminals are using the pandemic to scare people into giving up their personal data. Also more and more of people’s personal info is on the dark web via large-scale data breaches giving criminals a treasure trove of personal phone numbers give them access to more people to call. Phishing attacks are highly effective because people make spur-of-the-moment decisions on their computers and other smart devices. 99% of cybercrime requires user interaction. This means whenever you get an email, phone call, or a text message, you need to take the time to see it's from a legitimate source.
Below are some of the different types of phishing attacks you need to look out for:
Email phishing: Hackers send you emails that look like they are from trustworthy sources. These are normally sent as a mass email targeting a wide range of people. For example, you may get an email that looks like it’s from your financial institution, informing you there is a problem with your account or asking you to validate your account credentials by clicking on a link in an email. When you click on that link, it will direct you to a website that looks like it's from your bank or credit card company. It will ask you to enter your personal login information that a hacker will steal.
Spear phishing: This is the process of a cybercriminal targeting you specifically. These attacks occur when criminals get your personal information off the dark web or other sources that may have leaked your data. You might get a personalized email saying there is a problem with an order you recently placed or problems with reservations for that holiday getaway. If you click on the link on the email, it will take you to a website that looks legit. If you enter your information in the website, criminals will take your information.
Whaling: This is the process of scams that target people that are in executive positions in a business. This information is normally obtained by criminals by looking at Linkedin and other social media accounts as well as company web sites. Once the executives have been targeted, they will get phishing emails that look as if they are a company from individuals from within the company asking for sensitive data. The reverse can happen as criminals will pose as executives from a company and send scam emails to employees asking for sensitive company data. This process has become much more
Vishing: Voice-based phishing attacks are called Vishing. Rather than an email, a criminal will call you and ask for sensitive information. Vishing calls are the ones you or your family may get from crooks posing as the IRS, FBI, or Medicare/Medicaid asking for your information. Remember when Twitter was hacked earlier this year? That occurred because a criminal called Twitter posing as an employee who lost their login credentials and was locked out of the system.
Smishing: Text-based phishing attacks are called smishing (why they aren't called 'tishing' remains a mystery). Smishing attacks work like any other phishing attack. For example, you might get a text message that says there's a problem with your Amazon order along with a link for you to click to fix the problem. Again, you're taken to a mobile site that looks legitimate, but the only purpose of the site is to steal your information. Smishing attacks are growing in number because it's easy for a criminal
What can you do to avoid these scams?
Stop sharing your mobile number and your email. Your mobile number should only be for close friends and family. Same thing with your email. When you're sharing your mobile number when you fill out online forms or if you have it listed at your business number on your website, you're just inviting people to contact you with spam calls. If you're a small business owner, use a service like Vonage for your business number. If you're an individual, you can use WhatsApp and Google Voice to create a public number to give out to people. As far as your email. create one for family and friends and one for the public.
Don't pick up the phone, respond to that email or text. Yes, it's tempting to respond to every communication that comes into your smart devices. No, you don't have to respond back. If you don't know who it is, let it go to voicemail, your spam folder, and sit as an unanswered text.
Join the National Do Not Call Registry. When you add your home or mobile phone number to this registry, it tells telemarketers you don't want their phone calls. This doesn't stop all calls, texts, and emails, it's a start.
Hang up. If you get what you think is a vishing call, just hang up. Don't talk to them, don't play with them. Just hang up, and block the number.
Verify their identity. If you are curious about an email, text or voice call that comes in, call the company that was represented to see if the company called you for any reason. That means contact your bank, Amazon, etc directly. If the person provides a call-back number, don't use it.
Download an app to block those pesky calls, emails, and texts. Most email services are already doing a good job of blocking those scammy emails that are coming in your inbox. Services like Yahoo, Google, and Outlook.com stop the bulk emails that come in. If you're a business owner, you need to purchase a domain name to use to decrease spam emails. Check to see if your mobile provider offers voice and text spam connection and enable it. If that doesn't work, consider RoboKiller (www.robokiller.com). For a small monthly fee, block all that junk that comes in.
Phishing attacks are created to trick you but it's possible to learn the red flags before you respond to that phone call, email or text message. Make sure you stay ahead of the cybercriminals who are trying to get your personal details to steal your data.
Looking for More Useful Tips Tips?
My Tuesday Tech Tips Blog is released every Tuesday. If you like video tips, I LIVE STREAM new episodes of 'Computer and Tech Tips for Non-Tech People' every Wednesday at 6:00 pm CST on Facebook, Instagram, LinkedIn, and Twitter. Technology product reviews are posted every Thursday. You can view previous episodes on my YouTube channel.
Click this link to sign-up and subscribe and you will receive every tip directly in your inbox each week.
Want to ask me a tech question? Send it to email@example.com. I love technology. I've read all of the manuals and I'm serious about making technology fun and easy to use for everyone.
Need computer or technology help? If you need on-site or remote tech support for your Windows\Macintosh, computers, laptops, Android/Apple smartphone, tablets, printers, routers, smart home devices, and anything that connects to the Internet, please feel free to contact my team at Integral. Our team of friendly tech experts organization can help you with any IT needs you might have. Reach out to us a www.callintegralnow.com or phone at 888.256.0829.
Please share this with your friends and family! If you found this post useful, would you mind helping me out by sharing it? Just click one of the handy social media sharing buttons below.
#techtips #technology #tech #technews #techreview #techgadgets #techtricks #techtalks #techyoutuber #instatech #technologynews #techsupport #covid #smartphone #tablet #computertips #computernews #computerreview #computersupport #apple #microsoft #samsung #hp #dell