The creation of social media has significantly changed the way we live, giving people the opportunity to connect and interact like never before. While the majority of people use that chance to do something harmless, like catch up with friends or learn new things, there are others who use social media for evil, or for the dark side, or… you get the point. Those digital villains can do real damage to you and your company if given the chance, so keeping yourself protected from things like phishing scams is vital.
Phishing Scams Explained
With the addition of social media into mainstream society, hackers now have a new platform on which to attack potential victims. One popular method of doing so is phishing. With the eventual goal of stealing money from people or companies, phishing is the attempt to obtain information, such as passwords and usernames, by posing as a legitimate entity. Whether they claim to be a coworker, your bank, or some other trusted contact, hackers try to lure unsuspecting people in with an email or post on social media that may ask for confirmation of a password or other private information. Although giving up confidential information is the greatest danger involved in phishing, another possible consequence is being exposed to viruses and malware through links to insecure websites.
With similar techniques existing since the 1980s, phishing first started haunting AOL users by way of credit card fraud and continues to wreak havoc, now on social media users as well. After evolving over time, phishing now includes several variations, including:
- Spear phishing, which involves the targeting of specific companies or individuals. The online attacker will try to obtain personal information about that company or person in order to give himself a better chance to succeed.
- Whaling, which involves the targeting of high-profile candidates. In this form of phishing, the attacker focuses on a certain senior-level target within a company.
- Clone phishing, which involves the attempt to fool victims by replicating a previously sent and received legitimate email or post. Attackers will try to closely replicate the original email or post, but will replace the link or attachment with a malicious one. The usual purpose of clone phishing is to infect a machine by jumping to it from another.
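As an added illustration (not part of the original article), the clone phishing pattern described above can be checked mechanically: a message whose visible text is a near copy of one already received, but whose links point to hosts the original never used. The function names, the 0.9 similarity threshold and the sample messages are assumptions made for this sketch.

```python
from difflib import SequenceMatcher
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample messages (not real mail); all domains are placeholders.
ORIGINAL = ('<p>Hi Sam, your March invoice is ready.</p>'
            '<a href="https://billing.example.com/invoice/1042">View invoice</a>')
CLONE = ORIGINAL.replace("billing.example.com", "billing-example.test")
UNRELATED = '<p>Lunch Friday? <a href="https://cafe.example.org/menu">Menu</a></p>'


class _Extract(HTMLParser):
    """Collect visible text and the host of every <a href> in an HTML body."""

    def __init__(self):
        super().__init__()
        self.text, self.hosts = [], set()

    def handle_starttag(self, tag, attrs):
        if tag != "a":
            return
        href = dict(attrs).get("href") or ""
        try:
            host = urlsplit(href).hostname
        except ValueError:  # malformed URL, e.g. an unbalanced IPv6 bracket
            host = None
        if host:
            self.hosts.add(host.lower().rstrip("."))

    def handle_data(self, data):
        self.text.append(data)


def _parse(html):
    parser = _Extract()
    parser.feed(html)
    parser.close()
    # Collapse whitespace so layout changes do not lower the similarity score.
    return " ".join("".join(parser.text).split()), parser.hosts


def clone_findings(original_html, received_html, threshold=0.9):
    """Return link hosts seen only in the received message, but only when its
    visible text is a near copy of the original (similarity >= threshold)."""
    o_text, o_hosts = _parse(original_html)
    r_text, r_hosts = _parse(received_html)
    if SequenceMatcher(None, o_text, r_text).ratio() < threshold:
        return []  # different content, so not a clone candidate
    return sorted(r_hosts - o_hosts)
```

A non-empty result means the copy should be treated as suspicious and the sender verified through a separate channel; an empty result only means this one check found nothing.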
Tips to Guard Against Phishing
With potentially devastating consequences for phishing victims, it is imperative to properly protect yourself and your business against online attackers. With the government attempting to aid the public with legislation, legal firms would point to the CAN-SPAM Act of 2003, under the provisions of which Jeffrey Goodin became the first defendant convicted of phishing by a jury. Goodin acted as if he were from the AOL billing department and illegally obtained credit card information from fooled users. Although some laws are in place to punish cyber attackers, they do not protect people from the actual attacks. The best way to guard against phishing scams is to stay vigilant and maintain consistent protections, including:
- Think before you add or accept. One of the simplest ways to protect yourself from attacks is to understand who you are adding as a friend. Likewise, don’t let strangers know too much about yourself or your company by making public everyone you work with on sites like LinkedIn.
- Use Google. By Googling yourself and monitoring your name with Google Alerts, you can have the advantage of an early warning when someone is collecting information on you or even posing as you.
- Be safe rather than sorry. If you receive an email, post or request that appears to be suspicious, leave it alone. If the matter is important, the person will find a safe and secure way to contact you.
- Use common sense. Finally, the easiest way to keep yourself protected from phishing scams is to follow obvious guidelines. Create strong passwords, don’t access personal social media from public devices, and keep private information private.