BotNet News

Phishing is an attempt to steal sensitive information such as passwords, account details and Social Security numbers. It’s often done through email, text message or some form of malware (either ransomware which restricts access to data or a malicious executable file). Attackers target everyone but are especially adept at targeting strategic employees with high-level roles and deep knowledge of the company’s internal systems.

Attackers are opportunistic and time their attacks around holidays, sporting events, tax deadlines and more. They also leverage fear and urgency in an effort to trick victims into downloading malware or handing over their login credentials. They often create a sense of urgency by telling victims their accounts will be deactivated or that their computers are being hacked and need to be rebooted.

Some attackers spend a great deal of time tailoring phishing messages to each individual. This is called “spearphishing” and can be based on the information they’ve gleaned from your online activity including public social media profiles, website search history and more. Be wary of any message with a sense of urgency and/or requests for personal information as legitimate companies will not ask you for passwords or private details over email.

The most important thing to remember is to always think before clicking. It may seem like common sense but even a quick glance at an email or text can reveal some inconsistencies or grammatical errors that would be very hard to spot in a more formal email from your bank, credit card company or payment service.