Phishing scams — a form of social engineering where attackers deceive people into revealing sensitive information or into installing malware such as ransomware — are becoming more prolific, according to cybersecurity expert Chris Bluvshtein.
The expert, who works for VPNOverview.com, says the most common tactic scammers use is to get people to take action quickly and without thinking. Based on his findings, these are the most recognisable phishing scams currently doing the rounds.
1. ‘Your delivery was unsuccessful’
One of the biggest phishing scams plays on the idea that you have missed a delivery, says Bluvshtein. "As a result, you will usually then be asked for personal information, like your name and address. Submit those details and you will probably be asked for payment information to cover missed delivery fees." Sadly, if that information is presented, the scammers will have won.
2. ‘You’ve won a prize!’
Everybody likes to get something free. "However, clicking on a link that says you have won something will likely lead to you being asked for information that could be passed onto cybercriminals," he says. "Worst case — it could open your device up to the risk of a computer virus."
3. ‘You contacted us first’
Another popular method is the “you contacted us first” approach. Nobody likes to think they have accidentally forgotten about a message, so you might be inclined to agree with the scammer and click on the link to see if anything there reminds you of what it was all about.
4. ‘Your subscription is expiring’
This is another frequently used tactic, says Bluvshtein. Phishing scams may try to trick you into thinking that your antivirus software – McAfee, for example – needs renewing. "Your antivirus software is an important part of your cybersecurity defence, so believing it may need an update is not unrealistic." Another recent example of a similar scam email doing the rounds is for TV licence renewals, with a message telling you that your direct debit has failed.
5. ‘You could be a millionaire’
Emails with the subject line “get rich quick” used to flood thousands of people’s inboxes. Says Bluvshtein: "The scam tried to entice you by offering large sums of money for very little work. However, it has evolved in recent years. Rather than going down the route of making money fast, there is now an uptick in cryptocurrency-related scams that encourage you to make a long-term investment into something like Bitcoin. Unfortunately, the new angle puts you at just as much risk."
Cybercriminals are always finding new ways to scam you. So if you are tricked into clicking a phishing link, is there anything you can do to help limit the damage? According to Bluvshtein, there are some steps you can take.
Disconnect your device from the internet
If the phishing link contains any malware, disconnecting your device from the internet – whether this means turning off the Wi-Fi or removing a cable from your computer – will prevent malware from spreading to your files or sending out any personal information to third parties.
Scan your system for malware
Many antivirus programs do not have to be connected to the internet to run a scan. If there is any malware in your device, you can find it through the scan and deal with it quickly.
Change all your passwords
You must act fast and reset all of your usernames and passwords if any of your information was exposed in the few seconds before you disconnected your device. In order to protect yourself further, make sure to use secure passwords, as the stronger your password is, the harder it will be for hackers to crack it.
Notify your bank or credit card company
Whether you do so online or by going into your local branch, inform your bank. They may suggest freezing a particular account and/or sending you new credit cards just to be on the safe side.
Set up a fraud alert
Contact one of the credit reporting agencies, such as Equifax or TransUnion, and ask them to add a fraud alert to your credit report. Agencies have the expertise to help with anything you are anxious about, so do not let worries about fraud hold you back.
Inform your email provider
It is best to inform your email provider about any dangerous phishing scams, so they are aware of them and better prepared to stop these types of emails from reaching users’ accounts. The process varies between email providers, but you can typically do this by right-clicking on the email and selecting an icon entitled "report".