March 12, 2021
Phishing scams have taken many forms throughout the years and it can sometimes be difficult to keep up with the new tools that hackers have developed to steal consumers’ personal and financial data. Since the internet boom in the early 2000’s, one of the more common methods has been creating domain names and web pages that are virtually indistinguishable from actual websites, then sending links to these websites to vulnerable users’ emails. 1,500,000 new phishing webpages are created per month, so it’s clear this problem is not slowing down anytime soon.
A recent alert from security specialists has drawn attention to cybercriminals who have developed a way to make these look-alike pages even more convincing. Scammers use a special tool that automatically displays your organization’s name and logo on the phony login page. They can even use this tool to populate your email address in the corresponding login field. This creates a false sense of security because many legitimate websites remember your username if you have logged in previously.
To add another layer of sophistication, savvy hackers will “spear phish” in an attempt to increase an email’s apparent legitimacy. Spear phishing involves researching their target so they can include personal information harvested from public sites like Facebook or Instagram in the email. Including these details is intended to trick consumers into overlooking the other more suspicious parts of the email and get them to click the links, open the attachments, or input their information into login pages.
While phishing is still very common and getting more sophisticated, so do fraud prevention techniques and technologies. There are two steps you can take to maintain your security: anti-phishing training and anti-phishing software. You should rely on either of these independently – but instead use them together to protect yourself.
Here are some anti-phishing habits you should become accustomed to in order to protect yourself:
This article uses information from https://www.revbits.com/blogs/lookalike-login-pages and "Scam of the Week" from https://blog.knowbe4.com/