![McAfee's VP suggests to look out for these top Phishing Lures McAfee's VP suggests to look out for these top Phishing Lures](https://varindia.com/storage/news/uploads/2018/02/5fd2e9711c061.jpg)
McAfee has unwrapped the top four phishing scams that users should beware of while making online purchases. Pravat Lall, Vice President, Consumer Cloud Segment, McAfee has shared his views on this context.
Email Phishing: How Cyber-Grinches Steal Inbox
It might surprise users to see that a tactic as old as email phishing is still so widely used today. Well, that’s because many people still fall for email phishing scams, as the criminals behind these attacks up the ante every year to make these threats more sophisticated.
Scammers also tend to take advantage of current events to trick unsuspecting consumers into falling for their tricks. Take earlier this year, for example, when many users received phishing emails claiming to be from a government entity regarding financial support due to the global health emergency. Cybercriminals will likely use similar, timely tactics leading up to the holidays, posing as famous retailers and promising fake discounts in the hope that a consumer will divulge their credit card details or click on a malicious link.
Spear Phishing Takes Advantage of the Season of Giving
Like email phishing, spear phishing has been around for quite some time. With spear phishing attacks, hackers pretend to be an organization or individual that users are familiar with and include a piece of content-a link, an email attachment, etc. For example, cybercriminals might claim to be charitable organizations asking for donations, knowing that many families like to donate during the holidays. The email might even include the recipient’s personal details to make it seem more convincing. But instead of making a generous contribution, users find that they infected their own system with malware by clicking on the fraudulent link.
Vishing attacks
According to Pravat, “Vishing” attacks can be highly deceiving, as hackers will call a user and trick them into giving up their credentials or sharing other personal information. For example, a scammer could call an individual telling them that they won a large amount of cash as part of a holiday contest. Overjoyed with the thought of winning this so-called contest, the user may hand over their bank information to the criminal on the other end of the phone. But instead of receiving a direct deposit, all they find is that their banking credentials were used to make a fraudulent purchase.
SMS phising or SMiShing
SMS phishing, or “SMiShing,” is another threat users should watch out for this holiday season. This tactic uses misleading text messages claiming to come from a trusted person or organization to trick recipients into taking a certain action that gives the attacker exploitable information or access to their mobile device.
Due to the current global health emergency and the desire to do more digitally, consumers will likely rely on online shopping this holiday season. To take advantage of this trend, scammers will probably send fraudulent text messages disguised as online retailers. These messages will likely contain fake tracking links, shipping notices, and order confirmations. But if an unsuspecting user clicks on one of these links, they will be directed to a fake website prompting them to enter their credentials for the attackers to further exploit.
Avoid Unwanted Security “Presents” This Holiday Season
To prevent cybercriminals from messing with the festive spirit via phishing schemes, Pravat suggests users to follow these tips so they can continue to make merry during the holiday shopping season:
Be cautious of emails asking you to act
If they receive an email, call, or text asking to download software or pay a certain amount of money, don’t click on anything or take any direct action from the message. Instead, go straight to the organization’s website. This will prevent from downloading malicious content from phishing links or forking over money unnecessarily.
Hover over links to see and verify the URL
If someone sends a message with a link, hover over the link without actually clicking on it. This will allow users to see a link preview. If the URL looks suspicious, don’t interact with it and delete the message altogether.
Go directly to the source
Instead of clicking on a link in an email or text message, it’s always best to check directly with the source to verify a holiday shopping offer or track a package’s shipment.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.