Because of its sophisticated nature, phishing is one of the more dangerous types of malware. Traditional anti-malware programs are not enough to protect you from phishing scams because they target human interaction instead of simply invading computers, so it is vital for you to remain vigilant to identify the threats before you fall for them.
The goal of phishing scams is to trick you into voluntarily giving up secure personal or financial information. This is accomplished by delivering an email that looks legitimate. It may appear to come from your bank, a credit card company, or another organization that holds your personal information. The email typically informs you that there is a problem with your account and gives you a link to the organization’s web page. Although the website appears to belong to the bank or other organization you use, it is actually a replica designed by the bad guy. Once you enter your information to log in to your account, it is delivered to the cybercriminal, who is free to use the stolen information in any way he or she deems fit.
Much like the sport it is name for, phishing involves cybercriminals luring you to give up private information by baiting you. Once you take the bait by clicking the link in the email and entering your personal information, you have successfully been hooked. Unlike most types of malware, phishing relies heavily on human interaction instead of stealing personal information by invading technological devices.
Usually originating from computers that are part of large botnets, phishing scams try to target as many people as possible. To avoid detection, phishing websites are typically only available for a short window of time, but within an hour, a single scam has the potential to compromise the security of thousands of individuals. Some of the most targeted websites include:
- AOL
- eBay
- Runescape
- PayPal
- Battle.net
With the rise of technology, phishing has evolved to attack through texts as well as through email. “Smishing” occurs when dangerous links encouraging you to give up personal information are sent via text. This attack functions the same way as phishing through email, with the intent of stealing your information. Keeping your information safe from phishers requires two things: vigilance and a comprehensive anti-malware program. While many of these programs contain phishing filters that enable them to identify many potential scams, there is no better protection that wariness. Just because an email looks legitimate doesn’t mean that it is. If you have the opportunity to call the organization in question, do so. This practice can help clear up any discrepancies and eliminate the need to enter your personal information online. Avoid following direct links, as this can help you stay away from fake websites. Finally, make sure phishing filters are turned on so your anti-malware program can catch most of these realistic scams for you.