While you might have heard of phishing before, did you know about whaling, spear-phishing, smishing, catphishing, and vishing? All are forms of social engineering designed to trick you into either giving out your information or clicking on a link that then might install malware on your computer or device so the hacker can gather critical information. Let’s take a look at some of these terms and what they mean as well as who their targets might be.
Phishing – “Phishing is a cybercrime in which a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords.” (Source: Phishing.org:https://www.phishing.org/what-is-phishing)
Spear Phishing – “Spear phishing is an email targeted at a specific individual or department within an organization that appears to be from a trusted source. It’s actually cybercriminals attempting to steal confidential information.” (Source: knowbe4.com: https://www.knowbe4.com/spear-phishing/)
Whaling – “Whaling is a form of spear phishing that attempts to target high-level executives. Las Vegas casinos refer to the big spenders as whales, and casino managers are willing to spend extra time and effort to bring them into their casinos. Similarly, attackers consider high-level executives the whales, and attackers are willing to put in some extra effort to catch a whale because the payoff can be so great. When successful, attackers gain confidential company information that they might not be able to get anywhere else.” (Source: Cybersecurityglossary.com:https://cybersecurityglossary.com/whaling/)
Smishing – “The term “smishing” is a mashup of SMS (short message service) and phishing, which is when fraudsters utilize malware by sending emails which mimic a trustworthy source such as credit card company, financial institution or retailer. Unsuspecting consumers mistakenly open the email and click on the links, allowing the malware to be activated.” (Source: Experian.com: https://www.experian.com/blogs/ask-experian/what-is-smishing/)
Vishing – “Vishing is the illegal access of data via voice over Internet Protocol (VoIP). Vishing is IP telephony’s version of phishing and uses voice messages to steal identities and financial resources. The term is a combination of ‘voice’ and ‘phishing.’” (Source: Techopedia.com: https://www.techopedia.com/definition/4159/vishing)
Catphishing – “’Catphishing’ (also known as ‘sweetheart scams’)—is another emerging threat, one that entails exploiting individuals by targeting them through dating websites. The term ‘catfish’ has come to signify people who present false information about themselves online. The term came about after a documentary of the same name came out in 2010 on long-term online relationships.” (Source: IACPCybercenter.org:https://www.iacpcybercenter.org/catphishing/)
Sound familiar? You might not have known the name of the scam, but these sorts of attacks are on the rise. We will be focusing more on ways to protect yourself throughout the month. And BEWARE of the PHISHermen! You never know when you might be a target!