What’s Hot in Phishing?
To clarify upfront, this is not an article on the hottest bass lakes in Texas or what color crankbait is hauling in the lunkers. The fishermen in the audience may have quit reading, but we wanted to take a few minutes to talk about the phishing attacks that we are seeing the most. The two most common at the current time are the gift card scam and the voicemail scam. Please see the following for a refresher on these two surprisingly effective cons.
Gift Card Scam
This scam is where an “exec” will reach out to a subordinate asking for a favor. Upon response, the “exec” asks the subordinate to purchase gift cards and email him the codes off of the back. Please review the following blog entry to ensure that you do not fall victim: https://www.netascendant.com/it-services-blog-and-news/2019/01/the-gift-card-scam-its-the-thought-that-counts
Voicemail Scam
The voicemail scam is where the bad guys send you a “voice message” which includes either a file or link to a website. The objective is to either infect the user’s machine with a virus or lure them into giving up an email address and password (most commonly the latter). Please see this blog entry to familiarize yourself with this scam: https://www.netascendant.com/it-services-blog-and-news/2018/12/voicemail-phishing-dont-listen
With all phishing attacks, vigilance is the key in not becoming a cyber-victim. The adherence to the following few rules will go a long way towards keeping you safe:
If you are ever prompted to enter your email address and password, don’t do it. There is a .001% chance that you will ever need to do this based on an unsolicited email.
If you have the slightest doubt about a request in an email, pick up the phone and call the sender to validate the request. When doing so, be sure to use a published or known phone number and not a number listed in the email itself.