What Are Phishing Scams – Explained


Phishing scams are a criminal activity that combines technological means (usually emails or instant messages) with social engineering in order to trick the victim into disclosing his or her personal data (usually user IDs, passwords or credit card numbers) to a criminal (“phisher”). The victim is often convinced that the criminal is a respectable person or comes from a trustworthy organization that is entitled to ask for such vital information.

The Most Common Examples of Phishing Scams Include:

* An email from a bank asks you to visit the linked site and confirm your account information, usually by typing in the user ID and password. The link leads to a spoofed site that looks exactly like the original bank’s site, but is controlled by phishers. All entered information is logged by hackers for the purpose of accessing your real account and emptying it.

* A foreign businessman claims to be in trouble and asks for your help in bringing a large sum of money to your country (the so-called “Nigerian phishing”). In order to help him, you need to pay a relatively small sum (hundreds of dollars) into a certain bank account. In return you are to receive a few thousand dollars. The details may vary, but one thing is constant – once paid, the “businessman” vanishes with your money.

* Your long-lost family member reappears and asks you for help. The final outcome is exactly like the situation above.

* You receive an email warning that you are going to be sued for sending junk mail unless you pay a “fine” of a few hundred dollars.

* You receive an urgent message that your credit card number has been stolen. The email asks you to follow a link to your bank’s website and log in; you are then asked to type in your credit card number. All data, including your credit card number, are then stolen by phishers.

* A lonely man/woman claims that he/she has sent this email blindly in hopes of getting some help. If someone answers this call, the Internet romance will grow, ending abruptly as soon as phishers trick the victim into giving out his/her personal data.

The number of phishing scams grows every day and those above are but a small part of what you can expect from phishers.

Methods Used

Phishing scams are often more about social engineering than computers. Phishers do their best to win some initial trust from their victims. Their scams are polished to the point where they can trick almost anyone. The spoofed bank sites look exactly like real ones (even professionals are often unable to tell them apart), the language they use is perfectly suited to the role they play and the stories they present are based on facts.

Most of the time, phishing scams try either to scare the victim or to appeal to the victim’s sense of greed.

“Vishing”

There is also a new form of phishing, nicknamed “vishing”. Vishing scams work the same way that normal email phishing works, but they use VoIP technology to reach their victims. Vishers hope to take advantage of people’s tendency to treat telephones as a secure and scam-free means of communication. The methods, stories and social engineering used in vishing cases are otherwise very similar to “standard” phishing scams.

