BotNet News

Phishing is a cyberattack that attempts to steal personal or account information, including passwords, Social Security numbers and credit card numbers. It also may install malware on victims’ computers and steal data from their devices. The attack can be carried out over email, texts and social media platforms like Facebook, Twitter and LinkedIn. Cybercriminals often use threats and a sense of urgency to make their requests seem legitimate. They may claim that if they don’t receive their money, the victim will lose access to an account or that a package is being held for ransom.

Messages asking for personal or financial information are a clear sign that something is phishy. Legitimate organizations rarely ask for this information over email or other messaging services. Grammatical errors and inconsistencies in a message are another red flag. Many phishing messages will reference specific order numbers or other details that are unique to the victim and would not appear in general communication.

Scammers can also use popup phishing, voice phishing (vishing) or SMS text messaging (SMiShing). They may pretend to be Google or your wireless provider, for example, and send you links that take you to fake websites to steal information or install malware. They may also impersonate a trusted person, such as your boss or a coworker, and ask you to share information.

Educating employees about phishing and providing tools to help them recognize malicious content can strengthen defenses. Employees should use designated reporting tools and follow instructions provided by their company. They should also monitor accounts with sensitive information, especially financial ones, and consider changing their login credentials on a regular basis. Research shows that a combination of demographic and psychological traits make some people more susceptible to phishing attacks. These include impulsiveness, trusting natures, and emotional responses to authority or urgency cues.