29 Sep Phishing, Doppelgängers, and You: The Dangers of the Wild Internet
Identity Theft and Phishing
This week, we are going to dive a little deeper to help you better identify a true phishing scam. The term “Phishing” was coined for the practice of “Baiting,” an attempt to trick or fish (“Phish”) personal information from unsuspecting victims for criminal misuse. Often referenced and long-standing threat to identity theft, modern-day phishing assumes sophisticated, varied forms that wreak unexpected and sudden havoc on the lives of its everyday victims.
From phishing’s early beginnings as the dicey email scams encountered in the dial-up days, the evolution of stealthy methods ensnares even the most sophisticated users into the digital abyss of identity reclamation. Victims of phishing range from business owners, to executives from global Internet corporations, to savvy consumers, unwitting children, and retirees.
Nigerian Email Scams
Many of us are familiar with the Nigerian email scams. Variations of rip-offs (named for the geographic region from which most of these emails originate) are typically sent from a self-proclaimed independently wealthy heir, injured military soldier, foreign royalty (Nigerian Prince), or the like. The phishing emails of the mid-’90s were notoriously rife with misspellings, grammatical errors, and often included an urgent request to exchange bank account information. Typically, the easiest to spot out of all the types mentioned here in this article, the Nigerian email scams are the predecessor to more malevolent forces at work on the interwebs which we will cover next.
Extortion, injury, and other sensational circumstances might make an appearance in a phishing attempt to obtain personal data, but aside from the obvious red flags of the earlier Nigerian email scams, more sophisticated methods are at work. Scammers marauding as well-known service providers are increasingly tricking email recipients into sharing personal information.
Hackers brand incoming email correspondence with company colors, logos, legal disclaimers and other visual representations linked to reputable companies, these phishing scams appear to be service-related in the form of technical support or issue resolution such as verification of identity, account closure scares, and beyond.
A credible-looking email with brand imagery and a call-to-action prompts victims to click on a link with a familiar website address which might appear to point users to the provider site while actually redirecting them to a copycat webpage. These scams lead victims into territory similar to the Equifax breach incident of 2017.
Are you prepared to tell the difference between a hacker’s attempt at data theft and business as usual? Dedicated rings of scammers worldwide charade as prolific, trusted brands with which we conduct every day, mundane business.
By some appearances, today’s attempts appear unassuming, with a routine call-to-action. An innocuous invitation or notification to download a new app, update, or browser extension may install malware that compromises personal records and financial data, sometimes running undetected indefinitely while scammers thoroughly comb through information about your family or employer files, curate data from social profiles, collect keystrokes, and more.
Your Best Bet
The risks to our personal and business records are greater than ever. The best bet is to avoid suspicious links and emails from service providers or creditors. If action is requested, call the company on a number listed on the official website or correspondence. Independently type the website address into the browser instead of clicking on links from unsolicited emails.
There is no frontier that is off-limits to identity thieves. The team at Core ID Services is here to work with you so that you can protect yourself, your family, and your communities. Remain vigilant on your personal and business devices and consider proactive measures, such as subscribing to an identity theft protection service. Visit us again next week for more tips and guidance to safeguard your personal information.