I have an exciting offer for you. All you need to do is open this attachment. How many times do we see messages like this? The term is phishing. Hackers entice us with news of opportunity or loss. Other phishing messages appear to be from service providers such as Netflix or Amazon designed to make you think there is a problem with your account. When you click their link, they record your personal information. Phishers also exploit people’s habits and biases to gain their confidence. Often, these requests are easy to spot with misspelled words and embedded URLs. Spear phishing is a new scam where hackers take on profiles in places like dating apps. After the victim becomes comfortable with a few exchanges, the hacker will send a message with an attachment (Goel and Dincelli, 2017).
Goel and Dincelli (2017) show how hackers evoke emotions of authority, community, friendship, patriotism, and curiosity as they make their way into their victim’s computers.
The industry continues to push legislation and software to detect phishing based on white and blacklists and URLs. This becomes tricky as new URLs pop up and have not had a chance to be noticed before the damage is done (Yi et al., 2018).
Phishing.Org (n.d.) gives flags to watch for. Does the unsolicited message have a sense of urgency that prompts you to fast action? Is their offer too good to be true? Does their message include hyperlinks? Is the message from an unusual sender, or their email address does not match the business they represent? Are there attachments you were not expecting (Phishing.Org, n.d.)?
You can use spam filters in your email and browser settings to protect against websites and emails. Another important way to safeguard your information is to constantly change your passwords and never use the same password for multiple sights. Systems that have CAPTCHA have added security to the site. If you suspect an email or website of phishing, report it to your email server and the legit organization the fraudulent website is imitating. Ignore links to websites in emails and go directly to your account on that website (Phishing.Org, n.d.).
We are like fish in a pond, attracted to the shiny lure. Be careful with who and what you trust, and don’t take the bait.
References:
Goel, S., Williams, K., Dincelli E. (2017). Got phished? Internet security and human vulnerability. Journal of the Association for Information Systems, 18(1), 22–44. https://doi.org/10.17705/1jais.00447
Phishing.Org, (n.d.). What is Phishing? Phishing.org? https://www.phishing.org/what-is-phishing
Yi, P., Guan, Y., Zou, F., Yao, Y., Wang, W., & Zhu, T. (2018). Web phishing detection using a deep learning framework. Wireless Communications and Mobile Computing, 2018, 1–9. https://doi.org/10.1155/2018/4678746
No comments:
Post a Comment