The latest research from 50 organisations involved in the fight against cybercrime has revealed that 10 percent of all phishing scams lead to a data breach. This will come as shocking news to anyone whose junk email folder is regularly full of generous offers from Nigerian royalty, or fraudulent emails purporting to be from seemingly legitimate enterprises. It is not unusual to receive multiple emails of this kind every day, so to think that one in every 10 emails leads to a data breach is a terrifying thought.
What are phishing scams?
Phishing scams come in a number of guises, but are typically fraudulent email messages that appear to come from organisations such as universities, internet service providers and banks. In many cases, these messages direct the recipient to spoofed websites where they are asked to divulge private information, such as entering a password, credit card details or making other account updates. These details are then used by the fraudsters to commit theft.
Many phishing scams are designed to induce panic in inexperienced email or internet users. They try to trick the recipients into responding immediately by claiming an email, bank account or password could be lost. Such a claim is always indicative of a phishing scam, as no legitimate company or organisation will ever ask you to perform such actions via email.
Here’s what a typical phishing scam looks like in action.
What do phishing scams look like in 2016?
Phishing scams are constantly evolving in an attempt to stay one step ahead of internet users. Just as we grow wise to one tactic, there’s a new, increasingly sophisticated scam doing the rounds. Scammers used to entice recipients to enter their banking information on a fake web page. However, booby-trapped emails can now be much more difficult to spot.
One such example involved the South African arm of the payday loan lender Wonga. Individuals who weren’t even necessarily Wonga customers were sent the details of an enticing offer that really was too good to be true. The email promised a loan of R150,000 (an amount Wonga do not offer), with an APR of just 3 percent, in return for a small upfront fee. Of course, some users were tempted by the offer and sent the one-off fee along with their bank account details. You don’t need to be a soothsayer to guess what happened next…
The only way to bring down the 10 percent success rate of phishing scams is to educate internet users about what they should do to avoid becoming a victim.
Whether at home or in work, there are a few basic rules you can follow to protect yourself. This includes:
- Never responding to emails with confidential or sensitive details;
- Never getting pressured into sending sensitive or confidential information, whether by phone, text or email;
- Never clicking directly through to a website from a link embedded in an email;
- Never submitting information via forms embedded in emails;
- Installing and regularly updating an effective piece of security software.