e-Why, What & How · 2019-11-04

Spear phishing: An all-too-common form of hacking – e-Why, What & How


Obtaining personal data is a fairly common aim of any type of hacking or phishing technique. Fortunately, these days, most people know that their data could be at risk, & they engage certain protocols to ensure their digital safety. Nevertheless, there are thousands of scammers on the Net just waiting for the opportunity to gain your trust, & hack your data.

What are the scammers after?

Generally, scammers are after financial gains. Gathering email addresses, phone numbers & personal location information pays a pittance. So, hackers are after your banking details or your business & personal credit facilities. 

How do they obtain this information?

One of the most notorious methods is known as ‘spear phishing’. What is the meaning of spear phishing? The name truly defines this type of scamming because the hackers ‘spear’ your attention by posing as a trusted source, either a Website or mobile app that you use. According to Webroot.com, 1.385 million new phishing Sites were created each month.

What is their methodology?

Mostly, spear phishing relies on impersonating sources known to you, over email. An email is sent to you, which looks official in many ways. The email may even use the address of a trusted contact — it’s pretty easy for people who know a bit about coding to send you an email from a known address.

They can send out mail from any address they choose with the right type of server. Now, this is not always as useful as it seems because if you reply to the mail, you’re bound to uncover the scam quickly. So, they send an email as if it’s from a ‘no reply’ email address & place a link in the mail for you to follow, that leads you to a fake Web address, simply set up to steal data or install malware on your device.

How can you protect yourself?

Scammers can impersonate email addresses. Their aim is to get you to part with sensitive personal information such as your username & password for your online banking or online e-commerce accounts. Also, some of these cybercriminals engage in various forms of espionage, so government & business employees are often their target. 

If an email looks official, you might be tempted to do as you’re told. Don’t! Your bank or your credit providers will never ask you to part with your password. NEVER.

If you see a link in an email & are led to a form requesting you to sign in to a personal or business account, all you need to do is check the URL in the browser bar — it must be exact, not a lookalike. Hackers can fake email addresses, but not the domain name shown in your browser bar, so if you’re careful, they’ve got no chance with spear phishing.
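The "exact, not a lookalike" check described above, written out as an added example that is not part of the original post. The allow-list `TRUSTED_HOSTS`, the function name `check_link`, the placeholder domains and the 0.85 similarity threshold are all assumptions made for illustration; the near-miss spelling check goes a little beyond what the text describes.

```python
from difflib import SequenceMatcher
from urllib.parse import urlsplit

# Constructed allow-list of sites the reader really uses (placeholder domains).
TRUSTED_HOSTS = {"mybank.example", "shop.example"}


def check_link(url, trusted=TRUSTED_HOSTS):
    """Classify a link from an email; returns (verdict, host).

    "exact" means the host is a trusted domain or a subdomain of one.
    Every other verdict names the reason the link must not be trusted.
    """
    parts = urlsplit(url.strip())
    # urlsplit lower-cases the hostname; also drop a trailing root dot.
    host = (parts.hostname or "").rstrip(".")
    if not host:
        return "no-host", None
    # https://mybank.example@evil.test/ : text before '@' is not the host.
    if parts.username is not None:
        return "userinfo-trick", host
    # Non-ASCII or punycode labels can render like a familiar name.
    if not host.isascii() or any(p.startswith("xn--") for p in host.split(".")):
        return "lookalike-idn", host
    for good in trusted:
        if host == good or host.endswith("." + good):
            return "exact", host
    for good in trusted:
        # Trusted name embedded somewhere other than the end of the host.
        if good in host or good.replace(".", "-") in host:
            return "lookalike", host
        # Near-miss spelling such as 'rn' standing in for 'm'.
        if SequenceMatcher(None, host, good).ratio() > 0.85:
            return "lookalike", host
    return "unknown", host


if __name__ == "__main__":
    # Constructed sample links, as they might appear in a phishing email.
    for link in ["https://mybank.example/login",
                 "https://mybank.example.verify-account.test/login",
                 "https://mybank.example@evil.test/login",
                 "https://rnybank.example/login"]:
        print(check_link(link), link)
```

Only the first sample link comes back as "exact"; the other three are flagged even though each one shows the bank's name somewhere in the address.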


