One constant that continues to lurk in people’s inboxes are phishing scams. Those emails that are disguised to look legitimate, so they’ll trick you into clicking on a malicious link or opening a dangerous attachment.
Unfortunately, these scams are so popular because it’s fairly cheap to send out millions of emails, and they work.
Phishing attempts have increased 65% within the last 12 months and they account for 90% of all data breaches.
Many high-profile breaches, such as the one a few years back at the DNC, are the result of a sophisticated phishing email, which fooled an unsuspecting user and allowed the hacker to gain entry to a computer or entire network full of data.
Companies and individuals that fall victim to phishing attacks end up losing time and productivity as well as having to pay for virus removal services.
Phishing attacks come in a few different shapes and sizes, but they’re all designed to do the same thing, plant a virus, spyware or other malicious malware on a user’s computer or otherwise gain sensitive information.
Types of Phishing Attacks
Phishing: General phishing is when you get an email that’s not particularly targeted at you or your company, it’s just a wide net cast by the spammer to try to catch someone in their trap.
Spear Phishing: Typically targets to a particular user or organization.
Whaling: Phishing emails sent to someone of a high position (CEO, CFO, or other administrator).
Smishing: Phishing sent over text message (often purporting to be from someone you know).
Social Phishing: Phishing that’s done over social media channels, typically through use of direct messages.
Vishing: Before phishing, these used to just be called scam calls. Now when you receive a voice call scam it’s put into the phishing category
What new phishing scams are making the rounds that you need to be aware of? Read on to find out, and be sure to share with your friends, family, and work colleagues.
Be on High Alert for These Phishing Scams
As mentioned above, phishing scams can come in the form of emails, direct messages, texts, and even phone calls. Here are the ones you need to watch out for this fall.
IRS Reminder Scam
A phishing scam that the IRS has recently warned taxpayers about has to do with emails sent appearing to be from the IRS and providing a link for taxpayers to get information on their tax refunds.
Subject lines might be along the lines of “Electronic Tax Return Reminder” or “Automatic Income Tax Reminder.” The scheme is designed to get you to put sensitive information into a spoofed page that makes you think you’re entering it on the IRS site.
According to the IRS: “The emails have links that show an IRS.gov-like website with details pretending to be about the taxpayer’s refund, electronic return or tax account. The emails contain a ‘temporary password’ or ‘one-time password’ to ‘access’ the files to submit the refund. But when taxpayers try to access these, it turns out to be a malicious file. The IRS does not send emails about your tax refund or sensitive information. This latest scheme is yet another reminder that tax scams are a year-round business for thieves.”
Social Security Number Vishing Scam
The Federal Trade Commission warns about a new robocall that’s designed to get you to divulge your social security number using scare tactics. The call states that there is a problem with your SSN and warns that all your benefits will end if you don’t take action.
You can listen to a recoding of the vishing scam on the FTC’s site, and they warn that in the first six month of 2019, Social Security imposters scammed people out of $17 million.
Data Breach Settlement Scams
When there is a data breach at a large company, like Equifax, they usually have a dedicated webpage where consumers can find information on any remedies or free credit monitoring services that they offer the victims. Scammers take advantage of this by sending out emails pretending to be from companies that recently announced a breach, including links to malicious sites that can perform drive-by downloads of malware.
Beware of phishing emails trying to exploit the recent breaches of:
Bluehost Hosting Account Scam
Bluehost is a popular website hosting provider and some users recently reported receiving emails that looked like they were coming from an admin address at the company’s domain. The email mentioned that a hosting account was about to be suspended and gave a link to a login screen that looked just like the company’s. When the victim logged in, it took them to an FAQ page about billing that appeared to be legitimate… but it wasn’t.
The scam was designed to grab the user’s login credentials, from which they could control their hosting account and any data that it contained.
Stay a Step Ahead of the Bad Guys!
Protect your computer and network and stay a step ahead of phishing scammers with Cloud Care Premium by Pro Tech Guy. This powerful managed antivirus and malware protection includes safeguards like Hacker Check and Threat Detection.
Find out more today by calling 508-364-8189 or using our contact form.