"This is tech support. We have discovered that your password has been compromised, and your bank account is at risk..."
Who wouldn't be scared, or at least a little bit nervous? Criminals rely on this type of reaction to bad news, and capitalize on your emotions in order to glean some information from you. This is "phishing", a form of social engineering. And it can take many forms.
Some phishers go to elaborate extremes to appear to be "legit". They may set up the exploit days or weeks in advance.
For example, you may get a call telling you that a technician will be around next week to update your computer and make it more secure. Next week, you'll get a call telling you that "the technician that we told you about last week will be in momentarily to work on your machine - please save all of your work at a convenient point so that the technician can work on your computer". A few minutes later, a "technician" arrives, and starts to work on your computer. This technician may copy data from your hard drive, or install a keyboard logger or other equipment that allows them to see everything that you enter into your computer, including passwords, accounts, emails, etc.
Phishing attacks rely on human nature in order to get you to divulge information that they can use to make money.
Tactics include (but are not limited to):
1. Invoking fear or panic - an email from the IRS or the FBI, a call from the police about your grandson being taken into custody, etc.
2. Appealing to greed - the Nigerian prince, something desirable for free/price too good to be true, you've won a prize, etc.
3. Playing upon your sympathy - children or animals in trouble
4. Any other tactic to get you to do something that you normally would not consider doing.
If you receive an email, mail, or telephone call that seems suspicious,you should report it to your local police, and file a report with the FTC.
If you want to check the authenticity of the message, look up the telephone number or web site yourself - DO NOT click on any links or call any telephone numbers, etc., that are included in the suspicious communication. These are likely traps.
Categories: | Tags: | View Count: (10819) | Return