CYBER BLOG: Methods of Scams

CYBER BLOG: Methods of Scams

Scam artists use a variety of methods in an effort to try and get people to reveal sensitive information or try and trick people out of money. Although sending phishing emails to thousands of people, hoping that a few will click a link or download a malicious file, remains a popular way of initiating a scam, people are now being targeted with text messages and phone calls.

As people become more aware of phishing scams attackers are beginning to turn to other methods to try and convince users that their message is real and requires attention. One of the methods that is becoming more popular is the use of text messages. This type of spam is called “smishing”. The attacker will send text messages to a large number of people, in the same way that they would an email, impersonating a regularly used service such as a bank or phone company. In an effort to make the message look authentic, the attacker will ‘spoof’ the sender details. The text will look like it comes from a genuine company, such as the below image.

In this instance, the attacker has spoofed the name of a bank and in an effort to make the message look genuine used a tool to shorten the link so that it is more difficult to see where the link actually points too.

The same rules apply to text messages as apply to emails. Be very careful clicking on links from text messages, unless you are 100% sure that the message came from a trusted source, just because it says that it came from your bank does not mean that it actually did come from your bank.

Another common method for scammers is using phone calls. If an attacker can get to speak to someone on the phone they can sound very convincing. The types of call vary greatly, from pretending to be your bank to pretending to be from a debt collection agency. Again, the attackers are trying to prey on the emotions of the potential victims and try to instil a sense of urgency that action must be taken immediately.

Sometimes, particularly in the workplace, the attackers will have done some background research in to the victim. They will appear to know specific details, perhaps a payment that is due or the names of specific people in various departments. They will use this knowledge to try and convince the victim that they are genuine.

Again, it is very important to be suspicious of any unsolicited phone calls. Always call the company from a number that you know to be genuine. If you don’t know the number do not trust the number that the caller gives you, look it up on a search engine or the phone book.

Call them back at a time that is convenient to you and once you have a time to consider what the caller has told you.

If you would like to talk about how Curious Frank can help you make sure that you are prepared for scams such as those mentioned above, please get in touch at [email protected]


Related News

Member Log-In

Welcome to the SBRC Members Lounge, login details will be issued to members in due course.

Forgot password?