Phishing, sounds like it could be fun, but it’s not. As internet security becomes more and more advanced, so do the methods of those trying to beat it. Phishing, the act of trying to obtain personal information for malicious use, has just upgraded thanks to internet users becoming more comfortable with providing seemingly harmless personal information throughout the web. Unlike regular phishing, the process of spear phishing gets a little more personal, a little more believable, and much more harmful. Here is the process –
You just re enrolled in college to go for your doctorate degree, and you posted about it on Facebook.
Your friend Tammy replies, congratulating you and asks how you financed your latest endeavor.
You replied that you were able to get a great deferment plan through your bank, a well-known and respected bank.
And now it has begun. The Phisher has been reading your profile, knows your name, knows that you have enrolled in school, and that a well-known banking institution is financing you. Most likely your email address is visible on your social media profiles, but if it is not, it is probably listed in other places where the phisher can easily find it. They are building their plan to steal your information without you catching on at all, or until it’s too late.
48 hours go by, and now you’ve received and email from you bank about missing information in your student loan documents, but don’t worry, all you have to do is create or log in to your account and fix the error.
Your full name is in the subject line, and the email came from a person in the student loan department at your bank. You open it, ready to update your information. You have to access your account, and it looks like you are, but you’re not, you have just provided all of your personal information to the phisher, you have been speared.
There are many other instances of this story, but the moral is keeping your information private, and remaining wary of any transmission of your personal information. Here are some tips to help with that.
- Create email accounts that are only used for the creation and recovery of social profiles.
- Make sure that all of your information is private, and only visible to people who you have purposefully connected with.
- Take care of all financial transactions through direct websites that have a current and valid SSL Certificate, or in person, or over the phone.
- If friends or businesses email and ask you for any passwords or other personal information, contact them directly to verify.
- Update your security, patches and upgrades are created to keep you ahead of those looking to exploit your information.
If you have more questions on how to protect yourself, or your business from spear phishing or phishing of any kind – contact Businets today!