According to Get Cyber Safe, over 156 million phishing emails are sent every day. 10% of people targeted take the bait and click on an embedded email link compromising their login credentials or installing onto their computer. To keep yourself savvy on the latest phishing trends, here are some of the top phishes targeting people:
|Image from NerdGraph|
The “Account Suspended Phish”
This phishing attack appears to be an official mail from your bank, a large retail site you use (like Amazon), or a variety of other places you do business with online. Always be careful when clicking on embedded links. If you hover your cursor over the link, you'll see it doesn't go where it appears to. Other key indicators that this is a phish are the email saying something about your account being “suspended” or that “quick action is needed” to keep an account open. These are sure signs for a phishing attack. When in doubt, never click a link in the email and call the company directly if you’re worried about fraudulent charges on your account.
The Google Drive Phishing Scam
This phish is disguised as a Google Drive document and emailed to Gmail users. It asks the user to click the document and then tricks respondents into placing their logion information in the new window to see the Google Doc. The key here is if you receive an email asking you to open an unexpected Google document, don't click the link without checking with the sender! Always check the email address from the user. If it seems odd, delete the email immediately . Since this phish can be disguised as coming from someone in your email list, always check with them if the document is real before clicking, and never enter login credentials on a newly opened window if you aren’t 100% sure the document is legitimate!
Social Media Phishing Scam
Social media accounts can often be targeted in phishing scams. Typically these types of phishing attacks tell you that your account is ‘suspended’ or ‘flagged’ and that immediate action is needed by you to regain access to your account. The email will ask you to click an embedded link in the body of the email and then enter your logion credentials. Rule of thumb here is never click on an embedded email link in an unexpected email! If you think something is wrong with your social media account open a new browser and go to the site yourself, if any action is needed from you on your account you will be notified on the site!
When in doubt always double check with the company or person who seems to be sending you an email by contacting them before clicking anything and delete any suspicious emails.
For more information on phishing attacks:
Google Drive Phishing Scam: http://www.mediapost.com/publications/article/264055/google-drive-phishing-scam-returns.html
Facebook Phishing Scam: https://www.hackread.com/facebook-phishing-scam-targets-page-admins/