Be Aware of All Types of Phishing Scams
The phishing scam that typically garners the most news is there one where an unsuspecting employee clicks a link in an innocent-looking email message, which then sets off a wave of IT chaos in their organization. However, while most recognizable, that type of phishing is not the only way crooks can gain access to a network.
These are other types of phishing attacks you must make your employees aware of immediately:
- Spear phishing – This is an email scam that relies on cybercrooks tailoring a message for a specific person. First, the malicious actor gets to know the user by finding out their name, title, who you work with and any other information they can gather through social media. This type of email is also more organic – it does not include typical phrases usually linked to suspicious emails or templates that your junk mail filter would otherwise catch. A message like this might urge the recipient to make a money transfer, click a link or download an attachment. These links and attachments might contain malware.
- Whaling – In this scam, cybercriminals imitate company higher-ups and send emails with a variety of requests. This type of attack will work because many employees will not question a request from their boss. Red flags for whaling include any demands that are out of the ordinary, such as requests for sensitive information about yourself or other employees, credentials, or photos of credit cards. Also, the sender’s email may be like ones typically sent within the company with the domain slightly altered.
- Smishing – Smishing is the same as phishing, but the scam is attempted via SMS, or text messages. The scammers also attempt to get your data or encourage you to click on a link. The text might be an alert from a bank that requires immediate attention, for instance. Vishing, on the other hand, is the same scam attempted over the phone.
- Angler phishing – Relatively new, angler phishing relies on social media. Cybercrooks might impersonate a well-known brand or organization to contact you. The actors also create fake brand accounts and wait until users contact them to file a complaint or request assistance.
Your employees are the first line of defense for your organization against cyberattacks. Make sure they have the knowledge required to maintain that perimeter by providing them with the proper training. Partner with 2W Tech for help and we will set up comprehensive phishing training for your organization through BullPhish ID from ID Agent. Contact us today to learn more.