PHISHING THE PERSONAL WAY!
As much as we would love to believe that we are immune to scams by scoffing at emails offering $2 million dollars for bank details, a different era is now unfolding for the users. The beauty of technology is its ability to change and surprise us every time by its innovativeness and agility to change our lives. This ability of tech is duly compensated by what all negatives can be done out of it. Phishing is the gateway to a variety of cyber and other crimes, so finding newer strategies to trap the user/target is the most critical task on the hacker’s mind.
Sometimes if you are tempted to bait an email scammer, might just confirming your email id can land you in a trap. With users becoming more mature than in the earlier days, the phishing game is entering the age of chilling tactics. Now they are taking a personal approach and crawling the internet for every single detail they can find about you. Data is power, and it is being used differently, your data can be used for your own peril. Even cyber security experts are put into service for this purpose. Social media is the favorite hunting ground for data about you, *which would entice you to open the mail / attachment / confirmation.
The business-related ones like LinkedIn are being used, to our utmost surprise, to target people with tailored messages. What a parameter? ”The strength of a relationship between two people can be measured by inspecting their posts and comments to each other.” In the first quarter of 2022, LinkedIn accounted for 52% of all phishing scams globally. Psychologists researching obedience to authority know who all of their targets would respond to mails from people in authority. The recent data on Google Safe Browsing shows that today there are nearly 75 times more phishing sites compared to malware sites.
68% of the phished characters go on to enter their credentials on a phishing website. What a way to build up a database. It is estimated that globally email spam cons cost businesses USD 20 billion every year. Selecting targets is a well thought out game, normally on rank, age or social status. It also happens that spamming is a part of a bigger coordinated cyber-attack. Working for or having connections to the main target becomes an important consideration. Trust is bought in the first few interactions, to dupe finally, bots have been trained effectively for this purpose. Anonymous communication channels and fake IP addresses help them in a big way. Crafting extremely believable emails takes it to the next stage of spear phishing.
PHISHING IS A WAR OF ATTRITION. SO FAR, THE USERS HAVE BEEN THE LOSERS.