How to Avoid Falling for Phishing Scams

Phishing scams … there are many more. Cyberspace is a wonderful frontier, but as in old Western movies, attacks can come from any horizon. Most of them are ambushes.

I have two phishing messages in my junk mail now. One from Donna, and hey, I have a girlfriend named Donna. However, my girlfriend Donna will not say in the subject line, “Hey, have we ever met before?” The other is from a cell phone company I don’t use, and it asks me to claim a $50 refund.

Let’s talk about the types of phishing, how they can affect both individuals and companies, and the steps you can take to prevent them.

What is phishing?

In short, these scams are attempts to obtain information such as account numbers and passwords. This information is then commonly used to steal money or identities.

How does phishing work?

There are thousands of attempts by attackers every day. Attackers often disguise themselves as a trusted source.

For example, business people use popular delivery services like FedEx and UPS. They may order via Amazon. They use credit cards to complete orders. Since we are regular customers, we trust these entities. Fraudsters know this and use it to their advantage.

Let’s imagine a scenario. The owner of a small business is getting angry. Time-sensitive items have been ordered, but not yet delivered. If the materials do not arrive soon, production will stop for the rest of the day.

AHA! The small business owner sees an email from the delivery service saying there is a problem with the payment. The owner opens the email and fills in the requested information, including his credit card number.

Gotcha. Just like that. He fell for it in a moment of weakness. The phishing email succeeded.

There are many other methods of phishing attacks:

Email fraud

This is common because email addresses can be easy to obtain. We usually give our email address as contact information to several companies. This is why email phishing is the most common attack launched by fraudsters.

We can accept that it is relatively easy for hackers to obtain our email addresses. Most of the time, though, a scam message is easy to spot.

Here is a sample phishing email: “There is a problem with your account, and you must confirm the information.”

Here’s how to respond: There might really be a problem with the account. Do not respond to the email. Call the company that holds the account directly.

Whaling and spear phishing attacks

As the names suggest, these are attacks by cyber criminals on the “big fish,” such as corporations and/or a company’s CEO.

The attackers bring a higher level of sophistication to these phishing campaigns. In law enforcement, those breaking the law are called actors.

These criminals have different skill levels. Whaling and spear phishing are very well planned, with a high degree of organization. They aren’t trying to get just one person, which is bad enough. They are trying to finish off a business.

Most of the time, victims fall prey to personalized phishing emails that appear to come from within the company, from a fellow employee or their boss. These phishing emails can seem very believable, with a subject line that fits some of the company’s ongoing work.

The most popular phishing techniques

Basic email scams and phishing attacks may be the main types of phishing, but there are plenty of other phishing techniques you should keep an eye out for.

Business email spoofing or CEO fraud

Once you know how this works, you can take steps to prevent it. This fraud could be the worst of all, as it can wipe out an organization.

First, the attack begins when a hacker researches the CEO or director. Then contact is made with a specific employee, usually through email. A fraudulent request is submitted, and this is where the research pays off: the request comes when the CEO or director is out of the office.

How do they know this? Fraudsters are smart. Part of their research may show that the CEO will attend a specific sales meeting or conference, as advertised on the company’s website. They can choose an employee from the same source, for example when a new appointment is announced.

SMS or fraudulent text message attacks

The name smishing comes from combining SMS and phishing. And that is exactly what it is: text message phishing. Recipients will see the same types of phishing messages that are used with email, such as “Problem with Delivery” or “Credit Card Hacked”. There are mobile phone apps that effectively block unwanted text messages.

Phishing malware

This type of message contains viruses, worms, spyware, or other malware. Open the message, whether delivered via email or text, and the recipient quickly becomes a victim.

Search engine phishing

If you surf the web – shopping for supplies or information – you are at risk every time you click on a link. You may inadvertently click on phishing sites. These fraudulent websites may be included as a submenu.

The website and/or submenu appears to be legitimate. In fact, fraudsters can make sites look like they belong to the actual company. They use getty logo images to make the link look real.

Here’s how to get around this. Before clicking any link, look at the link URL. Although the site can look real, you cannot fake the URL. Often the fake website URL is a mixture of letters and numbers.

DNS service phishing

This scam involves hacking a domain name server. This is another sophisticated attack, in which the phisher can sneak in through domain names, actually hijacking routers. If the attack succeeds, the door is wide open for obtaining all kinds of data, including passwords, account information, phone numbers, and other information. If you think this has happened, immediately contact your internet service provider, your bank, and your credit card company.


Foxy forgery. A hacker inserts malicious code into your computer. This code directs you to fake websites.

Phishing via social media

This phishing takes the form of espionage. It’s as if someone was looking over your shoulder. A hacker sneaks in and records your keystrokes.

This is called keylogging. The data you enter, such as letters, numbers and symbols, can be recorded to capture your password.


Malvertising is also called clickjacking. Malware is embedded in online ads, and all internet users are at risk when they click on a link. Malvertising is an especially successful cyber attack because, well, we can’t resist a good deal.

Man-in-the-middle attack

Truly evil, and feared by companies. Email messages are intercepted by hackers and “altered” before they continue on to their recipients. Picture emails going back and forth between two employees, while an alligator periodically lunges out of the water, grabs an email, distorts it, and sends it on its way.

Clone phishing

Similar to man-in-the-middle. Messages are intercepted between people. There is a difference though. Often, a new message is created, and the new message refers to information in a previous email.


These are phishing attempts delivered via phone calls, voicemail, and/or VoIP calls. The same drill: they appear to come from credit card companies or even banks. Don’t fall for it. But could it be real? Contact the organization directly.

Examples of phishing attacks

  1. We want to notify you of some suspicious activity on your credit card account.
  2. We want to notify you of some problems related to your bank accounts.
  3. Please confirm your account information for our website.
  4. Here is a coupon to get free samples. Just visit our website.
  5. You are eligible for a refund.

These are some typical examples of phishing attacks. In response to each one, make a phone call.

What are the signs of phishing?

  1. They often contain mistakes in grammar or spelling.
  2. A strange website URL.
  3. The attachment is suspicious.
  4. The greeting is, well, weird. Like “Hey honey.”
  5. A sense of desperate urgency is conveyed.
  6. There is a request for account details.
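
The signs above can be turned into a rough triage check for a mailbox. The following Python sketch is an added example, not part of the original article; the word lists, the function names (`phishing_signs`, `strange_host`) and the sample message are assumptions made for illustration, and sign 1 (grammar and spelling) is not covered.

```python
import re
from email import message_from_string
from urllib.parse import urlparse

# Heuristic patterns for the signs listed above (word lists are illustrative).
URGENCY = re.compile(r"\b(urgent|immediately|act now|within 24 hours)\b", re.I)
ACCOUNT = re.compile(r"\b(confirm|verify|update)\b.{0,40}\b(account|password|card)\b", re.I | re.S)
GREETING = re.compile(r"^\s*(hey honey|dear customer|dear user)\b", re.I)
URL = re.compile(r"https?://[^\s<>\"']+", re.I)

def strange_host(url):
    """True for a bare IP address or a name that mixes letters and digits."""
    host = urlparse(url).hostname or ""
    if re.fullmatch(r"[\d.]+", host):
        return True
    labels = host.split(".")
    name = labels[-2] if len(labels) > 1 else host  # naive: ignores suffixes like co.uk
    return bool(re.search(r"[a-z]", name) and re.search(r"\d", name))

def phishing_signs(raw):
    """Return the signs found in a raw email message, in a fixed order."""
    msg = message_from_string(raw)
    body, has_attachment = "", False
    for part in msg.walk():
        if part.get_filename():          # any named part counts as an attachment
            has_attachment = True
        elif part.get_content_type() == "text/plain":
            body += part.get_payload()
    checks = [
        ("odd greeting", GREETING.search(body)),
        ("urgency", URGENCY.search(body)),
        ("asks for account details", ACCOUNT.search(body)),
        ("strange URL", any(strange_host(u) for u in URL.findall(body))),
        ("attachment", has_attachment),
    ]
    return [name for name, hit in checks if hit]

# Constructed sample message (not real mail); 192.0.2.15 is a documentation address.
SAMPLE = """\
From: "Delivery Service" <support@example.com>
Subject: Problem with your payment

Hey honey,
There is a problem with your account. You must confirm your account
information immediately: http://192.0.2.15/login
"""

if __name__ == "__main__":
    print(phishing_signs(SAMPLE))
```

A hit on any of these signs is a reason to verify by phone, not proof of fraud; a clean result does not prove a message is safe either.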

Report suspected phishing

Yes, you are busy, and phishing is very common. And when you look at the phishing statistics, it can seem difficult to keep up with any type of response. But if phishing cases are not reported, they will never decrease. Preventing these attacks is everyone’s responsibility, because each report gives the authorities more information on how to stop the attacks.

Forward emails to [email protected]. Forward texts to SPAM (7726).

How to prevent your business from becoming a victim of phishing attacks

  1. Use email signature certificates.
  2. Use first-class computer security software and update it regularly.
  3. Conduct employee training.
  4. Require multifactor authentication (more than 2 credentials).
  5. Back up your data.

What are phishing kits?

Since phishing is like fishing, a phishing kit is like a tackle box. It is a collection of software tools compiled by a fraudster. If one lure does not succeed, the fraudster has other lures to choose from.

What are the current phishing scams?

Wow, it’s great to have hundreds of Facebook friends. But the current scam is done through a seemingly innocuous friend request. Your new BFF is now phishing your page to collect as much personal information as possible.

This information can be leveraged for business email scams or CEO scams. Be careful about what you disclose on your Facebook page or on any public website, such as a group.

How to spot and thwart phishing emails

  1. Watch out for grammatical and spelling mistakes.
  2. If in doubt, contact the “source” directly. Do not respond to the email.
  3. Remember that reputable companies do not request personal information by email (or text message).
  4. Do not open attachments.
  5. If the email is work related, contact the IT department.

How does someone steal and use your credit card numbers?

Here are some ways:

  1. Fraudsters call or send text messages asking for information. Always remember that reputable companies do not contact you and ask for personal information. Don’t give out credit card information over the phone unless you started the call.
  2. Fraudsters use fake websites. If you shop or order online, look for the “https” for the URL and the “lock” icon on the site.

What are the two types of phishing attack methods?

Email phishing is the most common form of phishing attack. Spear phishing is the same, but different, because the victim is used to catch a bigger fish. Here’s how.

Typically, a phishing email is an attack on an individual to obtain data from that person. Spear phishing may attack an individual, but the goal is to use that person to reach the larger “fish,” such as an entire business.
