BotNet News

Your source for Online Security News

Phishing

Phishing is a cybercrime that targets individuals to steal sensitive information, such as account login credentials, passwords, and credit card and bank details. This information can then be used to access victims’ accounts and even commit identity theft in their names, resulting in financial loss and reputational damage that may take years to recover from.

The most common method of phishing involves emails, although scammers can also target people via social media (e.g. Facebook Messenger, LinkedIn InMail and Twitter DMs). These attacks are referred to as “social media phishing” or smishing. Scammers can impersonate individuals or organizations, or even use software to generate emails claiming to come from legitimate sources such as PayPal or banks. The message will usually include a link to a fake website that can steal login credentials, deliver malware or spread spam.

Criminals often try to evoke emotions in phishing emails, such as curiosity, fear or urgency. They can make the email look genuine and believable, for example by using a generic greeting instead of the victim’s name or giving the content an inflated sense of urgency (e.g. you must act quickly to avoid losing money, the IRS is investigating your account, or criminals are recording your webcam).

Other red flags of phishing include poor grammar and misspellings. People should never click on links in suspicious messages, and instead type the URL manually or use a reputable search engine to find the correct site. For further protection, a good password policy is key: don’t use the same password for different accounts, and combine lower and uppercase letters with numbers and symbols to create a more secure password.
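The red flags described above can be checked mechanically. The following is an added example, not code from this article: it flags a generic greeting, urgency wording and links that leave the domain the claimed sender really uses. The phrase lists, the `bank.example` domain and both sample messages are constructed assumptions.

```python
import re
from urllib.parse import urlparse

# Assumed phrase lists, built from the red flags named in the article.
GENERIC_GREETINGS = ("dear customer", "dear user", "dear account holder")
URGENCY_PHRASES = ("act quickly", "act now", "within 24 hours",
                   "account will be suspended", "is investigating your account")
URL_RE = re.compile(r"https?://[^\s<>\"')]+", re.IGNORECASE)


def host_matches(host, trusted_domain):
    """True only for the trusted domain itself or a real subdomain of it."""
    host = host.lower().rstrip(".")
    return host == trusted_domain or host.endswith("." + trusted_domain)


def red_flags(body, trusted_domain):
    """Return the red flags found in an email body.

    trusted_domain is the domain the claimed sender really uses; the caller
    supplies it from a known-good source such as a bookmark.
    """
    flags = []
    text = body.lower()
    first_line = text.strip().splitlines()[0] if text.strip() else ""
    if any(first_line.startswith(g) for g in GENERIC_GREETINGS):
        flags.append("generic_greeting")
    if any(p in text for p in URGENCY_PHRASES):
        flags.append("urgency")
    for url in URL_RE.findall(body):
        host = urlparse(url).hostname or ""
        # A trusted name at the start of the host is not enough: only the
        # right-hand end of a hostname says who controls it.
        if not host_matches(host, trusted_domain):
            flags.append("link_off_domain:" + host)
    return flags


# Constructed sample messages (not real emails).
SUSPICIOUS = ("Dear customer,\nYou must act quickly to avoid losing money. "
              "Confirm your details at http://bank.example.verify-login.test/login")
BENIGN = ("Hi Sam,\nYour monthly statement is ready at "
          "https://www.bank.example/statements")

if __name__ == "__main__":
    for name, msg in (("suspicious", SUSPICIOUS), ("benign", BENIGN)):
        print(name, red_flags(msg, "bank.example"))
```

A message with no flags is not proven safe; the check only surfaces the specific signals listed here.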