Most of us have heard of email phishing (pronounced fishing), but have you heard of spear phishing? Maybe not, but this is the latest twist on a phishing scam.
Spear phishing starts out as an email that appears to be from someone you know, whether it is an individual or business. However this is not from friends, family or businesses you deal with. In reality it’s from the same criminals who want to get a hold of your credit card, bank account, passwords and critical data stored on your computer.
Because the email seems legitimate and come from someone you know, you might be less vigilant and give them the information they ask for. And when it’s a company you know asking for urgent action, you may be tempted to act before thinking.
So how do you become a target of a spear phisher and his attack? In large part this is from the information you put on the Internet from your PC or smartphone. The scammers search social networking and other sites to find your page, which contains everything from your email address to friend’s information and all the post where you may be sharing to much personal information about. Using this information, a spear phisher will sometimes pose as a friend, send you an email, and ask you for something like a password to a website. If you respond with the password, they’ll try that password and variations to try to access your account on that online retail site you mentioned. If they find the right password, they’ll use it to buy all sorts of expensive gifts for themselves with your credit card. Sometimes a spear phisher might use your information to pose as somebody from the online retailer like and ask you to reset your password, or re-verify your credit card number. If you do, be sure they will cause you great financial harm.
Keep Your Secrets Secret
This may seem like common sense, but please keep your secrets, SECRET! The safety of your information depends in large part on you being careful with it. So take a look at your online presence, and see how much information about you is out there. Google your name, email address, even friends’ names and their email addresses. See what information you can find because its that simple you could be unknowingly compromising your safety, and that of your friends by sharing too much on popular social networking sites.
So take a moment to look at your posts. Be sure that there isn’t anything out there you don’t want a scammer to know? This also includes posting something on a friend’s page that might reveal a little too much about you. Always use common sense.
Use Passwords That Work
If you think about your passwords, do you use just one or an easy to figure out variations of this one password? Well, if you do either of these, stop now, because you’re making it easy for a scammer to get access to your personal financial information. I know it’s a pain, but every password for every site you visit needs to be different. Not just a little different, I mean really different to properly ensure your online safety. Be sure to use random letters and number combinations as these work best. Also don’t forget to change them frequently. Also don’t write them down and leave them next to your computer as this could compromise your security also If you need a little help remembering all the passwords. Use software that is secure, which can help you keep track of your passwords easily. (Need help with picking this software give Slick Cyber Systems a Call?)
Don’t Forget About Patches, Updates, and Security Software.
Be sure to utilize security software to include malware, and anti-virus software to fully protect your computers from these nasty little programs, which are designed to steal from you. Also when you get a notice from your software vendors to update your software, please do it. When you delay or neglect updating software this is when problems happen , which can infect your computer. Remember most operating systems and browsers updates include security patches and will help prevent many problems so don’t forget them. Because your name and email address may be all it takes for a hacker to slip through a security hole into your system. And it almost goes without saying, you should be protected by Internet security software, and it should always be up to date.
Please Be Smart
Should a “friend” email you asking for a password or other information? Please be smart and call whenever possible. If calling them is not possible, then email (in a separate email) the friend in question to verify that they were the one who really contacted you. Needless to say the same goes for banks and businesses you deal with. Legitimate businesses won’t email you asking for passwords or account numbers. If you think the email might be real, always call the bank or business and ask but never click links in the email or supply passwords.
Very important always remember: Don’t give up too much personal information online, because you never know who might use it against you or when.
Slick Cyber Systems recommends to any business that may have question please call (570) 371-5800 to discuss “Spear Phishing” or any other security questions you might have. You can also vist us on line at Slick Cyber System.