So here’s the thing. Cybersecurity attacks aren’t just one thing. There are multiple methods that someone could employ to attack you. I harp on phishing emails a lot because they have been, and continue to be, the number one threat vector, but they aren’t the only one. The best way to defend yourself is to be knowledgeable about the various kinds of attacks that people experience every single day and what they can look like. Here are a few of the types of attacks that I keep an eye out for regularly;
1) SMS Phishing – If you read last week’s post about sidestepping Phishing emails, you know what comprises a Phishing email. SMS Phishing follows some of the same principles (Scaring you into clicking a link, pretending to be someone they aren’t, etc.), but the other issue is that of what is called “Line Scanning.” This is where the attacker will send an innocuous text, such as “Hello?” or “Hey, it was great meeting you today,” or something that would invite a response. They do this to see if the line is actually assigned to someone. If you respond, then the attacker will take that as an invitation to send you a bunch of phishing texts, and (knowing that the line is assigned to someone), you will get inundated with spam. The best way to handle these types of unexpected texts is to delete them and block the sender from your phone. My hope is that, when I do this, the attacker in question will assume the line isn’t assigned and will no longer attack it. Sadly, many people are doing this, as I personally receive numerous texts like this.
2) Vishing – vmail phishing (or Vishing) is when you get an actual phone call. This could come in two forms. Either a live person could call you and pretend to be someone they aren’t, trying to obtain your personal information, or it could be an automated dialer that calls you, informing you that you need to call a specific number to resolve the supposed issue. If you suspect that, even for a moment, that the person who is calling you isn’t from the business that they are claiming to be from, it’s important to hang up and call that business yourself. When you call the actual phone number of the company trying to get in touch with you, you will know that it’s actually them that you are talking to.
3) Tailgating and other forms of Social Engineering – Social engineering (for those of you who haven’t heard the term yet) is using deception to manipulate individuals in order to get them to divulge confidential information. What this means is that the people who are attacking you are trying to use Social conventions to either get you to hand over information or let them access confidential areas. Ever hold a usually locked door open for someone whose hands were full? Ever wait a little longer for someone on an elevator because they looked like they were trying to access the same floor as you? This is a practice called Tailgating, where an infiltrator uses your access to an area because they don’t have legitimate access themselves. I’m not saying you shouldn’t hold the door open for people; I am saying that if you see someone trying to get into your place of business, or perhaps even your condo or apartment building, that you don’t recognize, you may want to consider whether they belong there at all.
Full disclosure: I have recently fallen for one of these scams. They gained access to my account, and if I hadn’t acted as quickly as I did, then it could have cost me a lot of money. While I’ll probably be willing to chat more about this in a later post, I’m still smarting from getting caught in one of these schemes. The point of my telling you this here is that while I am a professional who understands how these scams work, with all the risks and ways that they can be avoided, even I fall for stuff every once in a while. It’s essential to be vigilant and avoid the various scams that are prevalent. Still, it’s equally crucial to take preventive measures as soon as possible if you do fall victim to one of these scams, to minimize the damage as much as possible.
What Phishing Scams have you seen recently?
Let me know in the comments section below. If you like this blog post and want to see more, you can follow me on Social Media (LinkedIn, Instagram, and Facebook @jasonlovefiles) or Subscribe to my blog to get new content delivered directly to your mailbox.