Phishing Attacks, Concerns, Threats, Best Practices

Learn more about today’s growing phishing attacks and threats from Charles Denyer, one of the world’s foremost cybersecurity experts and keynote speakers.

Phishing attacks are a type of social engineering attack often used to steal a wide-range of user data, ranging from passwords to credit card numbers, and much more. A phishing attack happens when someone is masquerading as a trusted entity, effectively tricking an unsuspected victim into opening an email, a text message or some other form of electronic communication. The victim then clicks on the link, and this is where the attack essentially goes from bad to worse as malware then infects a user’s computer, often spreading to other systems, especially if that user is on a company network.

Examples of Common Phishing Threats & Attacks

The attacks are becoming more sophisticated, and more damaging, unfortunately. Some of the more notable phishing attack strategies – and real-world examples – include the following:

Look-Alike Websites: How closely do you look at a URL or images within a website for a major provider of services? Probably not close enough as an untold number of computer users continue to fall victim to look-alike websites that are nothing more than well-designed fraudulent websites aimed at stealing your information.  A number of well-known U.S. businesses are often the target of look-alike websites in terms of fraudulent sites being served up to unsuspecting victims as the official website, so be careful what you click on a site!

A De-Activation Notice: If you don’t log in to update your personal information, your account will be de-activated. That’s the general message used as a scare tactic to get you to click on a link by fraudsters initiating one of the more commonly executed phishing attacks.

Nigerian Scams: Also known as Advance Fee Scams, Nigerian Scams essentially involve a criminal overseas offering an individual a substantial amount of money on the condition you assist them in transferring money out of their country.  While they technically originated in Nigeria, they now come from all over the globe.  The emails are often written poorly with bad grammar, regardless, people fall victim to this scam all the time.  Think smart people don’t fall victim to Nigerian scams? Think again as csoonline.com ran an online article on November 2, 2017 titled “15 real-world phishing examples — and how to recognize them” and how one CEO, even a Nobel Peace Prize winner – fell victim to Nigerian scams.

The Feds are Looking for You: There’s been a rash of fraudulent scammers sending emails and making phone calls claiming they’re any number of federal agencies. Received a call from the IRS agent stating someone is about to seize your property and freeze your bank account if you don’t pay an exorbitant fine?  You may laugh, but literally tens of thousands of U.S. taxpayers have fallen victim to this scam, and many others. 

“Hi, this is Tech Support, we Need your Login Information”:  Phishing scams also include fraudulent tech support emails and phone calls asking you to provide login information, or even worse, to download a certain type of software onto your computer.  Falling for these scams often results in malware being placed onto your computer – and once again, if you’re connected to a larger network, then the malware can spread and create true havoc.

Scams on Craigslist: There’s a lot to like about Craigslist – it’s free (for the most part), you can find almost anything you need, from puppies to ironing boards, even a great deal on a user car, and it can be downright entertaining. But it’s also a double-edge sword in that scammers love to troll Craigslist, putting up ads for any number of fraudulent and devious scams.

GoFundMe Scams: This is one of the worse types of scams in my book as honest people are giving their hard-earned money away to fraudsters who claim they have a medical illness, need desperate financial assistance, or any other type of concocted scam.  GoFundMe – and other fundraising sites – have been in the news quite a bit lately due to a number of high-profile scams that have caught the attention of the media.

Major Scam in the Millions: Think the digital giants are immune to fraudsters and phishing scams? Well, think again as Facebook and Google fell victim to a scam by Evaldas Rimasauskas, a 48-year-old Lithuanian who fabricated email addresses, invoices, and other business information to masquerade as Quanta Computer – a hardware supplier based in Taiwan that often works with large tech companies. This was a stunning display of phishing brazenness that duped even the savviest of tech companies. 

SMS Phishing: Scammers are now moving into SMS text phishing scams, a natural outlet considering almost everyone these days has a cell phone.  And yes, people fall for SMS scams all the time. Some want payment for a service never performed. Some request a donation for a fraudulent charity. And some result in malware being inserted on to your device after clicking on the link.  Be suspicious of any text message requesting a payment and offering a link. Chances are it’s a scam.

Bottom line:

  • A phishing attack happens when someone is masquerading as a trusted entity, thereby tricking an unsuspected victim into opening an email, a text message or some other form of electronic communication.
  • Phishing attacks are becoming more common, more sophisticated, and more damaging
  • There are a wide-range of phishing attacks, from look-alike websites to online scams, and more
  • Employees are not properly trained to identify such attacks

Want to Learn More and also Grow your Business?

Want to learn more about phishing attacks and how cybersecurity can be your rock-solid competitive advantage for long-term growth and profits? Charles Denyer, one of the world’s leading cybersecurity specialists and a globally recognized cybersecurity keynote speaker, offers organizations a way to secure their information systems, while also creating immense value – and increased revenue generating opportunities from their clients.  How? By obtaining a competitive advantage through cybersecurity.  Book Charles as your next keynote speaker, and learn more about securing and growing your business today.

Keynote Topics

A Security First Marketing Approach

Changing Organizational Culture when it comes to Cybersecurity

The A to Z on Cybersecurity

Cyberterrorism & America’s Critical Infrastructure

Responding to a Cyber Attack

Understanding Today’s Growing Data Privacy & Regulatory Compliance Landscape

Can’t Have One Without the Other

Why InfoSec & Cybersecurity and Regulatory Compliance are Forever Hitched with One Another