Criminals try to phish your data

6 Dangerous Types of Phishing Attacks You Need to Know About

We've all had to deal with them. There are many types of phishing scams that come along, and we have to be cautious whenever we check email or visit new websites.

While there are many phishing scams that you may encounter on a daily basis, it's important to know what they are in order to avoid them. The easier it is to recognize the scams that you come across, the easier it will be for you to not fall for them.

All phishing scams are attempts at obtaining personal information for financial gain. Here are 6 types of phishing scams that you are likely to encounter.

1. Mass-Market Email

Mass-market emails are the most common phishing scams you'll see. Everyone has seen these and they come in different forms. They are usually easy to recognize. For this scam, you'll receive an email from a name you recognize, which will entice you to open it. It attempts to trick you into clicking a link that will result in your computer automatically downloading malware. This scam relies on email spoofing, where the email header is faked, making the message appear as if it was sent by someone you trust. Usually the spoofed email is a company that you may use, such as PayPal or FedEx. In most cases, there are typos in the email. Also, if you mouse over the embedded links, you'll see that they direct to a site that does not belong to the company.

2. Spear Phishing

This is a form of targeted phishing. These are similar to mass-market emails, but with a smaller target. Because the target is smaller, they tend to be less obvious than the mass-market emails. The idea with these types of emails is that they are sent to high-value targets, such as corporations. These emails will be sent to most employees in the company in an attempt to get the recipients to download malware and infect company-wide computers. Having clear office guidelines for handling emails can reduce the risk of spear phishing scams. An office should assess its vulnerability to such risks on a regular basis.

3. Whaling

Whaling is an even more targeted phishing scam than spear phishing. Rather than going after multiple people within an organization, this scam focuses on the major people, such as the CEO or senior management. The idea of targeting senior management means a potentially bigger payday for the scammers. The emails or spoofed websites will look more professional and be specifically geared toward people in those positions. The content usually contains a legal subpoena, customer complaint, or executive issue that would attract attention. Just like the spear phishing and mass-market emails, these emails will attempt to get the executive to download an attachment or view a malicious website.

4. Website Cloning

Scammers always try to trick you with forged websites that look like the originals. For the more obvious ones, there will be typos or poor-quality images that will let you know that it's a forgery. However, some phishing scams use JavaScript commands to alter the address bar. This hides the actual address and replaces it with an image containing the URL you think you've gone to. Through these cloned websites, the scammers hope to get you to sign in to your account so they can use that information to access your actual account. For some of these scams, the technology is good enough to make everything from the URL to the log-in page feel exactly the same as the real page. This is why it's so important to always hover over links before clicking. It will ensure you're going to the real website.

5. Link Manipulation

This is a more technical scam that many people might not notice until it's too late. Again, it focuses on driving a person to fake website that looks like the intended destination. In many cases, they add what appears to be a sub-domain to a domain that is recognizable to the recipient. However, the recognizable part of the URL is actually the sub-domain. In other cases, the recognizable domain is misspelled by a letter or two in the hope that the reader doesn't notice. Another trick for this is for scammers to write the correct URL but link to another page and hope that you don't notice when you mouse over it. There's also the possibility of using a redirect within a legitimate page. If a known page has been compromised, the scammers might add code that redirects the user to another page. This can trick you into entering your personal information.

6. Instant Messaging and Phone Scams

A lot of scammers use instant messaging apps or phone calls to obtain personal information. These types of phishing scams can take many forms. They usually involve the contact person having at least some information about the recipient of the messages. With that information, the scammer will make a claim that may be related to a relative. In the case of using a loved one, the scammer will say that there's some sort of emergency and you have to transfer money to help out. Because it's an emergency, it's impossible to speak with your loved one to confirm that any of this is real. Of course, some instant messaging and phone scams ask for small personal details that could be used to find your other accounts and passwords. They may also pose as your bank or another service that requires personal information verification. 

Avoid These Types of Phishing Scams

No matter what you'll do, you'll still receive all types of phishing scams. However, you can minimize the threat by recognizing the types of scams that come your way. But you can reinforce your cyber security with our services. Whenever you receive an email that looks legitimate, be sure to double-check the content and all links contained in it before clicking on anything. And if someone contacts you seeking personal information, make sure it is from the legitimate source. In the case of a bank or service company, you can call their service number to confirm.