I F L E X I

Loading...

Phishing outside the pond

Phishing outside the pond

03/10/2022 iFlexi.com Comments Off

It may not be the oldest profession in the world, but it shouldn't be far off. Today we are going to talk about fraud, or more precisely about phishing, which seems much more sophisticated.

The word Phishing comes from the English word “fishing”. The scammer pretends to be a credible company or organization aiming to “fish” for information.

Everyone has already received emails from Nigerian royal family promising the world in exchange for a small favor. As a rule of thumb, if something looks too good, it probably is. E-mails showing a very urgent tone, mentioning problems with a bank account, or regarding unauthorized access to a credit card, are other examples of the methodologies used. This is an area where creativity is flourishing.

The scammers intent to generate panic, so that the user gives his/her data without stopping to think for a minute. So, breathe deeply and ask yourself: “This SMS I just received, am I expecting something from the Post Office?”, or “Do I know someone named Smith in the Cayman Islands?”.

Have a thourough look at the format and content. One way to identify a fake message is to analyze the sender's email address. The displayed name usually mimics a legitimate company, but the domain is completely different.

To be sure, you can always contact the entity that is allegedly sending the information. No bank or other entity will ask you to provide passwords or security codes over the phone or email.

Let´s have a look at other popular examples...

1) MBWay payments related to website purchases

The scammer shows interest in a given product that you have offered for sale on an advertising site and asks for an “MB WAY code” to allegedly make the payment. He/she even offers to help you carry out this operation, stressing the necessary steps up to getting the transfer code. In fact, the application generates a code which makes is possible to withdraw money from an ATM, without the need to introduce a card. Presing the green key, choose “Withdraw Money” option and follow the remaining instructions. Instead of receiving it, the seller is offering untraceable money to the scammer.

Pro Tip: invest some time in learning how to use this sort of applications. It will pay off.

2) Fraudulent SMS (Smishing)

You may have already received SMSs asking you to click on a link in order to activate, confirm or verify an account, or validate delivery information for a package. By clicking the link in these messages, you are redirected to a page that pretends to be the legitimate entity, aiming to capture your data or installing viruses.

Pro Tip: As a rule of thumb, be wary of SMS from foreign numbers. Never click the link, never return the call or reply to these SMSs. Mainly, if you are not waiting for an order, you have not registered on a new site, or anything that justifies that contact. In doubt, contact the alleged issuer.

3) Offers/giveaways

You have probably seen Facebook pages allegedly related to large companies such as Apple, IKEA, Decathlon, etc. offering stuff “that can no longer be sold due to a small imperfection”. Another frequent decoy is a page requesting data (example: name, place of birth) to generate content that is attractive to the user. Gathering data from different sources (social engineering) allows them to collect more and more personal information about you, or even guess your password.

Pro Tip: Check if it is a newly created page, if it has poor design or sparse content. As a rule of thumb, avoid providing personal data.

4) International Phone Call

Just missed an international call? This can be a bit more tricky, especially for those who have frequent international contacts. The caller ID may be camouflaged and it may happen that you pay a value-added service, in case you return it. It also often happens that the caller identifies as Microsoft's IT department asking for passwords or alerting that fraud has been detected in an account.

Pro Tip: If you are not expecting an international contact, do not return these calls. On the other hand, never give out account or email access information.

Rule of thumb:

– Pay attention to details such as the sender, strangely worded text or spelling errors;
– Do not download files or applications unless you are sure that they come from reliable sources;
– Don't click on anything on impulse. Whether links or ads, take a few seconds to analyze the credibility of the source.

But not everything is scary and gloomy. In addition to alerting, we can help in regards of security.

Check our offer in detail here: https://www.iflexi.pt/security/

By browsing this site, you are agreeing to our privacy policy and use of cookies. know more

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close