One of the social engineering techniques that we have discussed in Human Firewall Tip # 7 is Phishing. Imagine, an attacker or a "phisher-man" sends thousands of emails across. Once the phishing email is successfully sent out, it is a matter of waiting game until someone fell into the "trap" which is either malicious link was clicked or downloaded a malware-infected attachment. As a simple analogy, this is one (phisher-man) to many (potential victims with email addresses). Some of the types of Phishing are the following:
- Spearphishing, on the other hand, knows something about the victim. This made it easy for the attacker to craft emails that can be related to the victim i.e. email will come from someone the victim knows or working with.
- Vishing on the other hand is done via phone calls. The "vishers" are pretending to be from utilities company and will ask for your personal details like credit card. Some of the most common examples according to Fraud Watch International includes unsolicited offers for credit and loans, exaggerated investment opportunities, charitable requests for urgent causes or even extended car warranty scams
- Smishing is using SMS or TXT messages. "Smishermen" will trick you so you can give them what they want like your bank details, username and passwords or even your physical address. Like phishing, Smishing can grab your data by sending you malicious attachments like applications with malware or directing you to go to a malware-infected website that will automatically download to your mobile device.
Different types but same intention - that is to get your personal data, bank account details or just to take control of your computer. On our next Human Firewall Tip, we are going to share how to protect yourself from these attacks. Being a Human Firewall means being familiar of "who are your enemies" so that you understand how they strike, their motives and weakness.
Watch this space as we build the Human Firewall together.
Disclaimer: Following the Human Firewall tips are at your own discretion. Any actions you may take upon the information on this page is strictly at your own risk.