We may earn compensation from some providers. Learn More

Phishing: What You Need to Know

All Security Reviews Staff · December 5, 2013

Phishing: What You Need to Know

Online fraud has come a long way since the days of Nigerian princes looking to move millions of dollars. Cyber criminals are getting smarter and their methods of attack are growing. In just the past few months, scammers have used fake IRS tax refund notices, threatening jury duty phone calls and bogus text messages warning of credit card deactivation to steal sensitive information and plant malware and spyware on computers. Computer security company Kaspersky Lab reported the number of Internet users who faced phishing attacks went from 19.9 million to 37.3 million over a one-year span that ended last month. “The volume and variety of phishing attacks detected during the survey indicates that phishing is not merely one tool among many for the illegal enrichment of fraudsters, but represents a significant and visible threat,” said Nikita Shvetsov, Deputy CTO of Research at Kaspersky Lab. “These attacks are relatively simple to organize and are demonstrably effective, attracting an increasing number of cybercriminals to this type of illegal activity.” For years, email phishing dominated the online fraud game. But in the past year, according to Kaspersky Lab, only 12 percent of registered attacks came from spam mailings. Online links, messaging systems and text messages have become the scammer’s weapons of choice. In many cases, cybercriminals create fake versions of popular websites to access confidential information. Users sign in, and the phony site gleans their usernames and passwords, granting access to bank, social media and and email accounts. Don’t be a victim of these devastating scams. Here are some tips to protect your information. Know what to look for: More than 20 percent of phishing scams in the past year targeted users of banks and other financial organizations, according to the Kaspersky Lab study. Yahoo, Google, Facebook and Amazon services accounted for 30 percent of all fake sites created by scammers. Criminals use big name, reputable companies and institutions to scheme away valuable information. Use common sense: Don’t respond to emails or text messages that seem suspicious. If it doesn’t feel right, chances are its not. If you receive a text message or email asking you to respond with confidential information — from your bank, for example — give your local branch or the corporate office a call instead. Be wary of unsolicited calls: Fraudsters aren’t just tricking people online. Watch out for phony voicemails or uninitiated telephone calls. Caller ID information can be manipulated and scammers may have information that makes a fake call feel authentic. If the caller asks for an account number, password or any other personal information, hang up. Ramp up your computer’s protection: Install and regularly update anti-virus, anti-malware and anti-spyware software. Only click email links or open attachments from trusted sources. Mark suspicious emails as junk or spam. Don’t share personal or financial information: Reputable organizations will never ask for your account number, birth date, password, Social Security number or other sensitive information via email or text. If you are prompted to provide such information, contact the organization using the number found on its website or an official mailing. Don’t respond: Don’t reply to fraudulent emails or text messages. Responding “no” or “stop” only confirms that your email address or telephone number is active. Report suspected scams: Forward suspicious emails to phishing-report@us-cert.gov. Many banking institutions and phone companies also have methods of reporting abuse. Check with your provider to report fraud. In the end, common sense is your best defense. If a text, call or email sends up a red flag, trust your instincts.

All Security Reviews Staff avatar

All Security Reviews Staff

Our team at All Security Reviews (ASR) has extensive experience in the personal security industry. At ASR we bring this experience and expertise to you by reviewing security providers and grading each company through our proprietary Identity Protection Rating System.