BotNet News

Phishing is a cyber attack that leverages social engineering tactics and human weaknesses to steal personal information, money, or credentials. Attackers can target any medium such as email, instant messaging, social media networks, or websites. Messages can also be sent via voice, allowing phishing to be done over the phone (vishing) or over text messaging (smishing). Regardless of how it is delivered, phishing is an equal-opportunity threat that affects all users of computers and mobile devices.

Cybercriminals often impersonate a familiar source, creating a false sense of urgency to lure victims into acting before thinking. This can include messages that claim to threaten deactivation of an important account or to warn of unauthorised activity. Attackers are also known to exploit emotions such as fear and sympathy. For example, a popular variation of the Nigerian prince scam involves attackers impersonating people in dire circumstances and asking for money. These scams are incredibly successful because victims can be easily persuaded to act without a full understanding of the situation or what they are doing.

To prevent phishing, be careful with attachments and never click on hyperlinks in suspicious emails or online. Educate your users to be mindful of these attacks and use phishing awareness tools to test them throughout the year. When in doubt, contact the person or company over a different channel to make sure they really did send the message. For more protection, consider enabling multifactor authentication when available to help verify access to your online accounts.