Phishing is the most common type of social engineering attack that occurs today. The main goal of phishing attacks is to obtain personal information such as names, addresses and Social Security numbers.
In short, these criminals use shortened or misleading website links that redirect users to websites that are really phishing landing pages. These malicious links are often delivered in e-mails or text message to the victims, and many contain spelling or grammar errors.
However, they all have the same goal of using fake websites to steal user login credentials and other personal information. The key to preventing this type of attack is to never click on a link that you aren’t familiar with or that doesn’t come from a trusted source. This week, we will continue to look at some common phishing scams for you to be on the lookout.
3. The Billing problem
This phishing tactic is tricky because it appears quite legitimate. This email states that an item you purchased online cannot be shipped to you because the credit card was expired (or billing address wasn’t correct, etc.). If you click on the provided link, it takes you to a spoofed website and asks for updated payment/shipping information, etc.
4. The Expiration Date
This type of email falsely explains that your account with [company name] is about to expire, and you must sign in as soon as possible to avoid losing all your data. Conveniently enough, there is a link in the email, which again takes you to a spoofed login page.
5. The Virus or Compromised Account Scare
These types of email state that your computer has been infected or that one of your accounts has been breached. In order to avoid losing your money or data or infecting your computer the email instructs you to follow a link to download the attachment.
Source: www.spyescape.com & www.securitymetrics.com