By Sanelisiwe Jaffar, Senior Cybersecurity Engineer at NEC XON October is Cybersecurity Awareness Month, a good time to discuss the new ways scammers are finding to trick people into divulging their sensitive information (social engineering). Social engineering uses people’s emotions to trick them into revealing sensitive information. Today, we focus on four common social engineering attacks: phishing, vishing, smishing, and quishing. Phishing
Phishing happens when scammers use fake emails to extract sensitive information, like your name, surname, ID number, home address, etc.), banking card information, and passwords. After successfully stealing this information, scammers use it to access the victim’s accounts, which can result in identity theft and financial losses. How to spot a phishing email:
Tips to avoid being a phishing victim:
Vishing and Smishing Many people have received a phone call about fraudulent activity involving their bank card. During the call, the scammer may trick the victim into sharing sensitive information, such as their banking app username and password, by causing panic. Similarly, an SMS may contain a link asking for delivery address confirmation for a package when no delivery is expected, or exciting news about winning a prize, with a phone number to claim it, even though the person hasn’t entered a competition. These attacks are known as vishing (voice call) and smishing (SMS) attacks. In these cases, the scammer impersonates a reputable organisation, such as a financial institution, courier, or telecommunications provider, and manipulates the victim’s emotions to create a sense of panic, prompting them to divulge sensitive information. How to prevent vishing and smishing attacks:
Scammers are now using QR codes to launch phishing attacks, and these scams are becoming more common. In these attacks, people are tricked into sharing personal information, passwords, or even money. Scammers use QR codes because they provide a quick and easy way for people to access websites, applications, or services. How quishing works: When someone scans a malicious QR code, they are unknowingly directed to a fake website that looks legitimate. Once on this fake website, the victim may be asked to enter login credentials, banking details, or other personal information, which the scammer can use to steal identities or drain bank accounts. How to avoid getting quished:
Leave a Reply. |
Archives
February 2025
Tags
All
|
Navigation |
Additional |
© Copyright 2025. All rights reserved.
|
4/2/2025
0 Comments