The sophistication of today’s phishing scams is perilous. Over the years, scammers have had the opportunity to refine their approach and split-test the success of one scam against another. With a tweak here and the change of a detail or two there, they have been able to create scams that have been carefully designed to dupe, deceive and defraud.
In order to stay ahead of this fearsome array of phishing attacks, you need to know exactly what to look out for. In this article, we’re going to take a look at the tell-tale signs of 3 of the latest phishing scams to hit a screen near you, and what you can do to avoid them.
Scam 1: Deceptive phishing
This is probably the most popular type of phishing attack used online. The scammer will pose as a legitimate business in an email to try and get you to hand over sensitive information. The brand image online lender Wonga was recently targeted in this way. Web users (many of whom weren’t even Wonga customers) were sent fake notifications advertising a fantastic (too good to be true) loan offer for a ‘loyal customer’. However, as is the case with the vast majority of legitimate companies, Wonga customers were reminded that: ‘Wonga does not send any unsolicited direct marketing, either through SMS or email, to any customers in South Africa.’
The intriguing take away from this phishing attack however was the number of victims duped by the fraudulent emails that had no prior relationship with the Wonga brand (contact information for those targeted was acquired from an SSA leak). Suggesting that anyone can be susceptible whether they’ve had direct interface with your brand or not.
Here’s what you should look out for:
- The email address the message has been sent from. If it does not look legitimate, delete the message immediately.
- The grammar and spelling of the message. Although a very occasional mistake might be made in a legitimate email, it will not contain glaring grammatical errors, awkward phrases or spelling mistakes.
- Is the message formatted correctly? If there is inconsistent spacing, unusual images or strange use of italics or bold, there’s a good chance it’s a scam.
- Are any links included? Remember, no legitimate company will provide links for security issues. Instead, if there’s a problem they will direct you to straight to the company website.
Scam 2: Spear phishing
Wordplay aside, there’s nothing remotely funny about this targeted scam. In this type of attack, the scammers will write a message they believe is personal to you. By using details such as your name and even your phone number, the scammers will add legitimacy to their email. The aim, as in the case of deceptive phishing, is to get you to click on a deceptive link.
- Always take a close look at any ‘official’ emails before you respond and check the sender’s email address.
- Never trust any emails from companies you do not do business with.
- Do not download any email attachments from unknown sources.
Scam 3: Pharming
Pharming is one of the latest attempts to defraud you. Rather than sending unsolicited emails, the pharming scam works a bit differently.
Every time you enter a website the letters you enter into the search bar are converted to a numerical IP address. Pharming allows scammers to change the numbers of an IP address to effectively re-route the user to a malicious site. Although there aren’t any particularly obvious warning signs of this scam in action, there are a number of things you can do to protect yourself:
- Make sure you’re using a site that’s protected by HTTPS. This label means the site is secure and hackers will not be able to access your passwords or other personal information.
- Install and update security software on your computer.
- Make sure you keep your web browser up-to-date by downloading the latest updates as and when they become available.
Phishing scams are an ever-present menace with approximately 156 million emails sent every day, but take heed of the warning signs and there’s no reason for you to become the next victim.