BotNet News

Your source for Online Security News

Phishing is a cyber scam that uses social engineering and targeted techniques to steal personal information and money. Attackers use email, text messages and phone calls to phish for your passwords, bank account numbers, credit card info and other sensitive data. They also use this data to impersonate your contacts or colleagues and attempt to trick you into revealing more about yourself.

A phishing attack often begins with an email that looks legitimate. For example, attackers might claim to be your bank or other financial institution and ask you to verify your account details. Alternatively, they might pretend to be an online retailer and ask you to verify recent non-existent purchases. They might even pretend to be from a tech or cybersecurity company and say they need to access your accounts to keep you safe.

Messages that appear urgent or encourage quick action should always be treated with suspicion. Attackers use fear as a weapon, claiming that if you don’t comply immediately, you will lose money or face account suspension. It is important to remember that attacks don’t target technical vulnerabilities in your operating system – the weakest link is the human who doesn’t double check where an email is really coming from.

Attackers are increasingly targeting employees, leveraging their knowledge of your company and your contacts to create more convincing fake messages. They can also use phishing to gain a foothold on your network and begin spreading malware, including ransomware, like the Emotet banking Trojan that wreaked havoc in 2018 for city officials in Allentown.