Types of phishing scams and how to avoid them
Phishing is the process of someone attempting to steal your information with the intent of selling it or using it for their own gain. Phishing can happen over five (5) mediums in many forms. We’ll go into detail of each below. Avoid these scams by using common sense, not clicking links you don’t know, and installing antivirus software.
Mediums phishers use to scam users
Scammers use the internet, email, text messages phone calls, and mail to exploit you. Let’s dive into how scammers try to get your information by covering all the mediums they use:
1. The Internet
The internet is a great place for learning more and making life interconnected and easier. There is, however, a risk of having your personal information stolen of you’re not safe. Here are a few ways they steal your information:
The most prevalent type of phishing scams happens over the internet as a clickable link. It’s an easy way for scammers to steal your information. Once a link is pressed, malware can be remotely installed on your computer. Depending on the malware, they could control your computer or find personal information on the hard drive.
An internet search
Some phishing attempts can happen as internet searches as well. Links can be hidden behind a top spot as an advertisement and when you click it, a download begins on your computer. This attempt doesn’t have too often, thankfully, but be aware when clicking ads.
Popups are an older attempt at phishing, but can still happen today. Avoid entering information in a popup, even if it looks legitimate. The information you enter can be used to exploit you later or to simply spam you.
Phishing emails come in all types. Whether be a way to trick you or cause fear, phishing emails try to take your information or steal your money.
It could be as “innocent” as someone posing as your boss or friend and say they need your personal cell phone number or as bad as convincing you to click a link that allows them to take control of your computer. When in doubt, double-check with this person in a separate message service to validate their request.
It’s known that callers will contact the elderly and convince them to install malware on their computers. This malware will give the hacker control of the device. Usually, something will go wrong and then they’ll ask you to send money. Avoid this by not answering calls from numbers you don’t know and not clicking links you don’t know where they go.
Some scammers will use a fear tactic to convince you to send them money. They may say they “watched you doing something inappropriate over the webcam” and ask you to send money. If you don’t, they’ll “send the hacked information to all your contacts.” Don’t fall for this.
Other scammers may email you saying “I’m your son and I need money [or gift cards] to get out of jail [or some other bad situation].“ Again, confirm with them in another message type that this is true before you send money.
3. Text message
Spam text messages are annoying and hard to stop. If you get spam, you can forward the message to 7726 to report it. Don’t respond to them as some bots will send you more messages when you do.
4. A phone call
A phone call is probably the scariest because it’s “in the moment” and hard to validate if what they are saying is true. Similar to the “I’m in jail” jargon that can be sent via email, the same can be done here, too. The elderly are usually the ones targeted.
The caller will say something like, “Hey grandma, this is [insert grandchild’s name]. I just got in a car wreck. I’m okay, but I’ll need money for the repairs. Can you send $500 in gift cards to [insert store]?” It’s hard to validate and it’s hard to say no. The best thing to do in this situation is to ask validating questions like…
- What’s your father’s and mother’s name?
- Where are you living right now?
- What year were you born?
These can help validate the person behind the phone. And if it really is your grandson, you’ll know pretty quick.
In addition, never give your credit card information to anyone over the phone you don’t trust.
5. Letters in the mail
Although this doesn’t happen often, sometimes phishing letters come in the mail. Here are some of the most notable scams:
With a fake check, these scams come with a separate letter asking you to send a small portion to a third-party. As you probably guessed, this is a scam because they are lying to you. Do not give them your account information.
A fake bill will arrive in your mailbox claiming you owe money for something. Validate with the company first before you send money. Better yet, do a quick Google search to see if the company really exists.
A letter claiming you won the lottery will show up in your box and all you have to do is “give your banking account information” and you’ll receive the promised money. Don’t give your information to scams like these.
It may not be a “scam” per se, but people can steal your mail to have access to personal information. For sensitive mailed pieces, consider taking to a USPS box or a post office.
Grey Wolf Security specializes in Security Operations, Security Compliance, and Security Engineering. Our professionals have experience within the Department of Defense, Department of Homeland Security, Federal Law Enforcement, Intelligence Community and Commercial organizations. Contact us and let’s collect your digital evidence today.