Smishing, vishing and whaling: How phishing scams are evolving


Watch out when messaging: Phishing attacks are no longer just being mounted as emails. — Photo: Fabian Sommer/dpa

BERLIN: Boring-looking bank emails and would-be family members in distress are just two of the ways that cybercriminals like to fool people into sharing passwords and credit card details.

Alarm bells should always be ringing when a service or person asks for your password, especially for your online banking service, but also for your social media login details or phone number.

Criminals are still targeting the unwary by email to lure them to fake websites, and yet they have also moved far beyond that these days.

Here are an overview the various kinds of phishing techniques that are being used and what you can watch out for:

The relative in need of help: Someone posing as an old friend or relative gets in touch with you on Facebook or some other social media platform, asking for help (or usually money). Often, they will say they they have lost their phone and all their money, explaining why they get in touch with an account or number you don't know.

Smishing: Smishing (a neologism made up of SMS and phishing) is when cybercriminals send a text message baiting recipients into handing over their login data. One widespread scam involves a text message telling you that your package needs to be picked up. Don't click on the link! - Spear phishing: This describes targeted data fishing attacks that focus on a specific group of people, such as staff at a company. If your name and company email address can be found online, then you might get an email that looks like it's from your own company. Watch out for typos, dodgy-looking formatting and unusual requests to log in.

Whaling: This is the term used to describe phishing attacks on big fish, meaning particularly wealthy victims. These attacks will often involve lots of preparation and, like spear phishing, often be targeted specifically at one person.

Vishing: This technical term is a combination of voice and phishing and means nothing other than manipulation and fraud attempts via telephone calls. Often an unknown number will call you and begin an automated recording. Another classic example is of someone pretending to be from Microsoft IT offering to help with something that has been slowing your computer down.

Cybercrime experts recommend two ways you can protect yourself.

1. Never let yourself to be pressured into action.

2. If a would-be company or person wants something from you, then first follow up with a phonecall to a number you can be sure you can rely on.

If worst comes to worst, block any accounts that may have been affected and change your passwords as soon as possible.

Also, secure evidence and file a criminal complaint. If money has been stolen, report the damage to your bank and check if you have insurance that covers phishing attacks. – dpa

Follow us on our official WhatsApp channel for breaking news alerts and key updates!
   

Next In Tech News

Opinion: When is it time for a new phone?
‘Monster Hunter Now’ launches Season 3 featuring cooking, the Heavy Bowgun and Magnamalo
Disney, DirecTV reach deal, restoring programming for 11 million satellite TV viewers
Review: A new book chronicles the battle over AI, but fails to question whether AI is worth battling over
'50 messages in 1 hour': UAE parents, teachers debate impact of school WhatsApp groups
United Airlines taps Elon Musk's Starlink for in-flight internet
Exclusive-OpenAI's stunning $150 billion valuation hinges on upending corporate structure, sources say
Intel qualifies for $3.5 billion in grants to make chips for US military, Bloomberg News reports
Nvidia's stock market dominance fuels big swings in the S&P 500
Trump says he is not selling his shares of media company

Others Also Read