Phishing is a form of social engineering and scam where attackers deceive people into revealing sensitive information or installing malware such as ransomware. This second of three briefings for EMS with the Federal Trade Commission scope out some of the newest ways scammers are using email and text messages to try to get you to pay them or steal your passwords, account numbers or Social Security numbers — called “phishing.”
Once they get that information, they can get access to your email, bank or other accounts — or sell your information to other scammers. They launch thousands of phishing attacks like these every day and they’re often successful.
Benjamin Davidson, Attorney, Division of Marketing Practices, Federal Trade Commission said it is becoming more targeted and personalized. In phishing scams, it is common to pretend to be a family member, claiming that there is a family emergency; scammers download a 30-second audio file of the victim from social media, use artificial intelligence technology to copy and imitate the voice, and enter the corresponding text.
Duplicating voice technology has enormous uses, and it can be put to good use by people who suffer from deafness, but unfortunately, so can criminals.
Ben Davidson hands out several tips and best practices for staying safe online:
- Stay skeptical. Any unsolicited emails or text messages asking for personal or financial information is probably a scam. If you’re not sure if an email or message is legitimate, don’t click on any links or download any attachments.
- Check the sender’s email address or phone number to make sure it’s legitimate. Attackers often use fake email addresses or phone numbers that look similar to the real ones. Your email spam filters might keep many phishing emails out of your inbox. But scammers are always trying to outsmart spam filters, so extra layers of protection can help.
- Look for signs of phishing. Misspellings, poor grammar, or urgent requests for action all signal something fishy. Legitimate companies and organizations usually don’t send emails or messages that contain these types of errors.
- Use two-factor authentication whenever possible. Two-factor authentication adds another layer of security, such as a code sent to your phone, in addition to your password, which may be more work, but more secure too.
- Keep your software and security systems up to date.
- Stay educated. The more you know, the better prepared you’ll be to avoid the threats.
Vidya Sethuraman
India Post News Service