to a scam artist . Tax season is always a busy time for scammers seeking to gain accessAttack.Databreachto sensitive information , but this year attacks are coming earlier and in greater numbers than usual . The uptick has caused the IRS to release an urgent alert warning employers to be on the lookout for what they 're refering to as `` one of the most dangerous email phishing scamsAttack.Phishingwe ’ ve seen in a long time . '' By using email spoofing techniques , criminals are able to draftAttack.Phishingemails that look as though they are coming directly fromAttack.Phishinga high-level executive at your organization . They sendAttack.Phishingthe message to an employee in the payroll department or HR and include a request for a list of the organization 's employees along with their W-2 forms . Their initial goal is to use the W-2 information to file fraudulent tax returns and claim refunds . But not all criminals are stopping there . Once they 've found a responsive victim , a portion are also following up with additional email requesting a wire transfer be made to an account they provide . Also referred to as business email compromise (BEC)Attack.Phishing, these attacksAttack.Phishinghave claimed more than 15,000 victims and cost organizations more than $ 1 billion over the past three years . More than 100 organizations have already fallen victim to W-2 phishing scamsAttack.Phishingin 2017
Just a friendly reminder that phishing scamsAttack.Phishingwhich spoofAttack.Phishingthe boss and request W-2 tax data on employees are intensifying as tax time nears . The latest victim shows that even cybersecurity experts can fall prey to these increasingly sophisticated attacks . On Thursday , March 16 , the CEO of Defense Point Security , LLC — a Virginia company that bills itself as “ the choice provider of cyber security services to the federal government ” — told all employees that their W-2 tax data was handedAttack.Databreachdirectly to fraudsters after someone inside the company got caughtAttack.Phishingin a phisher ’ s net . Alexandria , Va.-based Defense Point Security ( recently acquired by management consulting giant Accenture ) informed current and former employees this week via email that all of the data from their annual W-2 tax forms — including name , Social Security Number , address , compensation , tax withholding amounts — were snaredAttack.Databreachby a targeted spear phishing email . “ I want to alert you that a Defense Point Security ( DPS ) team member was the victim of a targeted spear phishing email that resulted in the external releaseAttack.Databreachof IRS W-2 Forms for individuals who DPS employed in 2016 , ” Defense Point CEO George McKenzie wrote in the email alert to employees . “ Unfortunately , your W-2 was among those released outside of DPS . ” W-2 scamsAttack.Phishingstart with spear phishing emails usually directed at finance and HR personnel . The scam emails will spoofAttack.Phishinga request from the organization ’ s CEO ( or someone similarly high up in the organization ) and request all employee W-2 forms . Defense Point did not return calls or emails seeking comment . An Accenture spokesperson issued the following brief statement : “ Data protection and our employees are top priorities . Our leadership and security team are providing support to all impacted employees. ” Fraudsters who perpetrate tax refund fraud prize W-2 information because it contains virtually all of the data one would need to fraudulently file someone ’ s taxes and request a large refund in their name . Scammers in tax years past also have massively phishedAttack.Phishingonline payroll management account credentials used by corporate HR professionals . This year , they are going after people who run tax preparation firms , and W-2 ’ s are now being openly sold in underground cybercrime stores . Tax refund fraud affects hundreds of thousands , if not millions , of U.S. citizens annually . Victims usually first learn of the crime after having their returns rejected because scammers beat them to it . Even those who are not required to file a return can be victims of refund fraud , as can those who are not actually due a refund from the IRS .
Evaldas Rimasauskas , 49 who allegedly connedAttack.Phishingtwo of the world 's biggest companies was arrested on fraud charges GOOGLE and Facebook have admitted they were conned outAttack.Phishingof an alleged $ 100million ( £77million ) in a phishing scamAttack.Phishing. The two world 's biggest companies fell victim after a Lithuanian man allegedly trickedAttack.Phishingemployees into wiring over the money to bank accounts that he controlled , Fortune reported on Thursday . Evaldas Rimasauskas , 48 , is accused of posing asAttack.Phishingan Asia-based manufacturer and deceivedAttack.Phishingthe internet giants from around 2013 until 2015 . He was arrested earlier this month in Lithuania at the request of US authorities The conman is said to have forgedAttack.Phishingemail addresses , invoices and corporate stamps to impersonateAttack.PhishingQuanta and trickAttack.Phishingthem into paying for computer supplies . Rimasauskas , who is awaiting extradition proceedings , has denied the allegations . The US Department of Justice ( DOJ ) said last month : `` Fraudulent phishing emails were sentAttack.Phishingto employees and agents of the victim companies , which regularly conducted multi-million-dollar transactions with [ the Asian ] company . '' Both Facebook and Google have confirmed the fraud and said that they had been able to recoup funds . But they did n't reveal how much money it had transferred and recouped . A Google spokeswoman said : `` We detected this fraud against our vendor management team and promptly alerted the authorities . '' `` We recouped the funds and we ’ re pleased this matter is resolved . '' A spokeswoman for Facebook added : `` Facebook recovered the bulk of the funds shortly after the incident and has been cooperating with law enforcement in its investigation . '' Security experts said the recent cyber attack highlighted how sophisticated phishing scamsAttack.Phishingare being used to foolAttack.Phishingeven two of the biggest tech companies .
The IRS , state tax agencies and the nation ’ s tax industry urge people to be on the lookout for new , sophisticated email phishing scamsAttack.Phishingthat could endanger their personal information and next year ’ s tax refund . The most common way for cybercriminals to stealAttack.Databreachbank account information , passwords , credit cards or social security numbers is to simply ask for them . Every day , people fall victim to phishing scamsAttack.Phishingthat cost them their time and their money . Those emails urgently warning users to update their online financial accounts—they ’ re fake . That email directing users to download a document from a cloud-storage provider ? Fake . Those other emails suggesting the recipients have a $ 64 tax refund waiting at the IRS or that the IRS needs information about insurance policies—also fake . So are many new and evolving variations of these schemes . The Internal Revenue Service , state tax agencies and the tax community are marking National Tax Security Awareness Week with a series of reminders to taxpayers and tax professionals . Phishing attacksAttack.Phishinguse email or malicious websites to solicit personal , tax or financial information by posing asAttack.Phishinga trustworthy organization . Often , recipients are fooledAttack.Phishinginto believing the phishingAttack.Phishingcommunication is from someone they trust . A scam artist may take advantage of knowledge gained from online research and earlier attempts to masquerade asAttack.Phishinga legitimate source , including presenting the look and feel of authentic communications , such as using an official logo . These targeted messages can trickAttack.Phishingeven the most cautious person into taking action that may compromise sensitive data . The scams may contain emails with hyperlinks that take users to a fake site . Other versions contain PDF attachments that may download malware or viruses . Some phishing emails will appear to come fromAttack.Phishinga business colleague , friend or relative . These emails might be an email account compromise . Criminals may have compromisedAttack.Databreachyour friend ’ s email account and begin using their email contacts to sendAttack.Phishingphishing emails . Not all phishing attemptsAttack.Phishingare emails , some are phone scams . One of the most common phone scams is the caller pretending to beAttack.Phishingfrom the IRS and threatening the taxpayer with a lawsuit or with arrest if payment is not made immediately , usually through a debit card . Phishing attacksAttack.Phishing, especially online phishing scamsAttack.Phishing, are popular with criminals because there is no fool-proof technology to defend against them . Users are the main defense . When users see a phishing scamAttack.Phishing, they should ensure they don ’ t take the baitAttack.Phishing.
The IRS , state tax agencies and the nation ’ s tax industry urge people to be on the lookout for new , sophisticated email phishing scamsAttack.Phishingthat could endanger their personal information and next year ’ s tax refund . The most common way for cybercriminals to stealAttack.Databreachbank account information , passwords , credit cards or social security numbers is to simply ask for them . Every day , people fall victim to phishing scamsAttack.Phishingthat cost them their time and their money . Those emails urgently warning users to update their online financial accounts—they ’ re fake . That email directing users to download a document from a cloud-storage provider ? Fake . Those other emails suggesting the recipients have a $ 64 tax refund waiting at the IRS or that the IRS needs information about insurance policies—also fake . So are many new and evolving variations of these schemes . The Internal Revenue Service , state tax agencies and the tax community are marking National Tax Security Awareness Week with a series of reminders to taxpayers and tax professionals . Phishing attacksAttack.Phishinguse email or malicious websites to solicit personal , tax or financial information by posing asAttack.Phishinga trustworthy organization . Often , recipients are fooledAttack.Phishinginto believing the phishingAttack.Phishingcommunication is from someone they trust . A scam artist may take advantage of knowledge gained from online research and earlier attempts to masquerade asAttack.Phishinga legitimate source , including presenting the look and feel of authentic communications , such as using an official logo . These targeted messages can trickAttack.Phishingeven the most cautious person into taking action that may compromise sensitive data . The scams may contain emails with hyperlinks that take users to a fake site . Other versions contain PDF attachments that may download malware or viruses . Some phishing emails will appear to come fromAttack.Phishinga business colleague , friend or relative . These emails might be an email account compromise . Criminals may have compromisedAttack.Databreachyour friend ’ s email account and begin using their email contacts to sendAttack.Phishingphishing emails . Not all phishing attemptsAttack.Phishingare emails , some are phone scams . One of the most common phone scams is the caller pretending to beAttack.Phishingfrom the IRS and threatening the taxpayer with a lawsuit or with arrest if payment is not made immediately , usually through a debit card . Phishing attacksAttack.Phishing, especially online phishing scamsAttack.Phishing, are popular with criminals because there is no fool-proof technology to defend against them . Users are the main defense . When users see a phishing scamAttack.Phishing, they should ensure they don ’ t take the baitAttack.Phishing.
The BBC recently uncovered that scammers are attempting to trickAttack.Phishingus through the abuse of multilingual character sets . By creatingAttack.Phishingthese lookalike sites with domain names that are almost identical to the URLs we know and trust , it ’ s made telling the difference between fake and genuine sites – and avoiding phishing scamsAttack.Phishing– increasingly difficult . Research by security company Wandera revealed that people are three times more likely to fall for a phishing scamAttack.Phishingif it is on their phone . As a result , this new scamAttack.Phishingtargets smartphone users , where the lookalike sites are harder to spot . A recent survey that tested the British public ’ s knowledge of scams and online security behaviours found 16 % of British adults have experienced online fraud . For phishing scamsAttack.Phishingspecifically , it ’ s one in ten of us . The most common age group to experience online fraud is 35 – 54 , with almost one-fifth ( 19 % ) of this demographic having fallen victim to a scam . CEO of Get Safe Online , Tony Neate , said : “ While online fraud is common , it becomes less so when you engage common sense . “ It is very easy to cloneAttack.Phishinga real website and does not take a skilled developer long to produce a very professional-looking but malicious site , but if you know what to look for , it ’ s easy to stay safe. ” There are numerous ways to determine whether or not a received email is from a legitimate company trying to help , or a scammer looking to stealAttack.Databreachfinancial details . The initial sender is a good starting point . Take the time to look at the email address you ’ re being contacted by , not just the name . An unfamiliar address , or one that doesn ’ t correspond with the company , is a giveaway that it ’ s a fraudster . Then take a look at the greeting . If the email opens with ‘ Dear loyal customer ’ or ‘ Hello ( followed by your email address ) ’ then it ’ s another telltale sign . The real company would address you by your full name and make it personal to you . Careless slip-ups in the copy of the email are also giveaways . Does any of the grammar or spelling not sit quite right ? This is a big indicator that it ’ s a phishing scamAttack.Phishing. You wouldn ’ t expect poor language by someone from a legitimate company .
The BBC recently uncovered that scammers are attempting to trickAttack.Phishingus through the abuse of multilingual character sets . By creatingAttack.Phishingthese lookalike sites with domain names that are almost identical to the URLs we know and trust , it ’ s made telling the difference between fake and genuine sites – and avoiding phishing scamsAttack.Phishing– increasingly difficult . Research by security company Wandera revealed that people are three times more likely to fall for a phishing scamAttack.Phishingif it is on their phone . As a result , this new scamAttack.Phishingtargets smartphone users , where the lookalike sites are harder to spot . A recent survey that tested the British public ’ s knowledge of scams and online security behaviours found 16 % of British adults have experienced online fraud . For phishing scamsAttack.Phishingspecifically , it ’ s one in ten of us . The most common age group to experience online fraud is 35 – 54 , with almost one-fifth ( 19 % ) of this demographic having fallen victim to a scam . CEO of Get Safe Online , Tony Neate , said : “ While online fraud is common , it becomes less so when you engage common sense . “ It is very easy to cloneAttack.Phishinga real website and does not take a skilled developer long to produce a very professional-looking but malicious site , but if you know what to look for , it ’ s easy to stay safe. ” There are numerous ways to determine whether or not a received email is from a legitimate company trying to help , or a scammer looking to stealAttack.Databreachfinancial details . The initial sender is a good starting point . Take the time to look at the email address you ’ re being contacted by , not just the name . An unfamiliar address , or one that doesn ’ t correspond with the company , is a giveaway that it ’ s a fraudster . Then take a look at the greeting . If the email opens with ‘ Dear loyal customer ’ or ‘ Hello ( followed by your email address ) ’ then it ’ s another telltale sign . The real company would address you by your full name and make it personal to you . Careless slip-ups in the copy of the email are also giveaways . Does any of the grammar or spelling not sit quite right ? This is a big indicator that it ’ s a phishing scamAttack.Phishing. You wouldn ’ t expect poor language by someone from a legitimate company .
Last week , we reported about these alarming cryptocurrency scams spreading via Twitter . These were n't your garden-variety spam posts either , but rather , fraudsters were hacking into the verified accounts of celebrities and brands in an attempt to lureAttack.Phishingunsuspecting victims . But it looks like these crypto-scammers are moving on and are now targeting other social media platforms , as well . This time , they 're gaming Facebook 's official sponsored ad system to foolAttack.Phishingeager people who are looking to make a quick profit . Read on and see what this new scheme is all about . Cybercriminals are relentlessly coming up with new tactics all the time , and it 's always good to be aware of their latest schemes . This new ploy is a classic phishing scamAttack.Phishingthat 's meant to steal your personal information like your name , email and credit card numbers . And similar to other elaborate phishing scamsAttack.Phishing, these cybercriminals createdAttack.Phishinga bunch of fake websites , news articles and ads for that purpose . The whole ploy starts with a fake Facebook sponsored ad promoting an easy `` wealth building '' scheme . Accompanying the post is an embedded report that appears to originate from the news site CNBC . If you take the baitAttack.Phishingand click through the ad , the ruse gets more obvious . First , the link 's web address does n't belong to any CNBC domain . However , the fraudsters mimickedAttack.Phishingthe look and feel of the real CNBC site so there 's a chance an unsuspecting eye might get dupedAttack.Phishing. But yes sir , the entire news article is completely fraudulent , the fakest of fake news . Basically , it states that Singapore has officially adopted a certain cryptocurrency and has anointed a firm , dubbed the CashlessPay Group , to market and purchase it . Nevermind that CashlessPay sounds just like another third-rate pyramid scheme , but let 's go along for the ride , shall we ? You probably know by now that there are tons of bogus information going on in Facebook at any given time . The social media giant is trying to clean up its act , though . If you can recall , Facebook banned blockchain and cryptocurrency ads earlier this year but softened its stance by allowing pre-approved cryptocurrency advertisers to post sponsored ads . ( Ca n't resist the revenue , eh ? ) But as always , scammers have found a way to exploit this loophole to spread their scams .
PhishingAttack.Phishingis one of the most devious scams for filching your personal information , but experts say it is possible to avoid them if you know what you 're looking for . At its essence , phishingAttack.Phishingis the act of pretending to beAttack.Phishingsomeone or something you trust in order to trickAttack.Phishingyou into entering sensitive data like your user name and password . The goal -- of course -- is to take your money . Some of the most common phishing scamsAttack.Phishingare bogus emails purportedly from trustworthy institutions like the U.S.Internal Revenue Service or major banks . The more sophisticated scams are crafted to look very much likeAttack.Phishinga legitimate message from a site you do business with . “ Many popular phishing scamsAttack.Phishingpurport to beAttack.Phishingfrom shipping companies , e-commerce companies , social networking websites , financial institutions , tax-preparation companies and some of the world ’ s most notable companies , ” said Norton by Symantec senior security response manager Satnam Narang via email . One of the worst cases on record was an aircraft parts CEO who was trickedAttack.Phishinginto handing over more than $ 55 million – which shows that phishing scamsAttack.Phishingcan dupeAttack.Phishingeven smart people . Fox News asked Symantec about the top phishing scamsAttack.Phishingand how to avoid them . 1 . Your account has been or will be locked , disabled or suspended . `` Scare tactics are a common theme when it comes to phishing scamsAttack.Phishing, '' said Narang . `` Claiming a users ’ account has been or will be locked or disabled is a call to action to the user to enticeAttack.Phishingthem to provide their login credentials . '' 2 . Irregular/fraudulent activity detected or your account requires a `` security '' update . `` Extending off of # 1 , scammers will also claim irregular or fraudulent activity has been detected on your account or that your account has been subjected to a compulsory 'security update ' and you need to login to enable this security update , '' Narang said . 3 . You ’ ve received a secure or important message . `` This type of phishing scamAttack.Phishingis often associated with financial institutions , but we have also seen some claiming to beAttack.Phishingfrom a popular e-commerce website , '' said Narang . `` Because financial institutions don ’ t send customer details in emails , the premise is that users will be more inclined to click on a link or open an attachment if it claims to beAttack.Phishinga secure or important message . '' 4 . Tax-themed phishing scamsAttack.Phishing. `` Each year , tax-themed phishing scamsAttack.Phishingcrop up before tax-time in the U.S. and other countries , '' Narang added . `` These tax-related themes can vary from updating your filing information , your eligibility to receive a tax refund or warnings that you owe money . One thing that ’ s for sure is that the IRS doesn ’ t communicate via email or text message , they still send snail mail . '' 5 . Attachment-based phishingAttack.Phishingwith a variety of themes . `` Another trend we have observed in recent years is that scammers are using the luresAttack.Phishingmentioned above , but instead of providing a link to an external website , they are attaching an HTML page and asking users to open this 'secure page ' that requests login credentials and financial information , '' according to Narang . Avast , which also develop antivirus software and internet security services , offered advice on what to look for . Ransomware , which encrypts data ( i.e. , makes it inaccessible to the user ) , tries to tap into the same fears that phishingAttack.Phishingdoes . The hope that the “ attacked person will panic , and pay the ransomAttack.Ransom, ” Jonathan Penn , Director of Strategy at Avast , told Fox News .
PhishingAttack.Phishingis one of the most devious scams for filching your personal information , but experts say it is possible to avoid them if you know what you 're looking for . At its essence , phishingAttack.Phishingis the act of pretending to beAttack.Phishingsomeone or something you trust in order to trickAttack.Phishingyou into entering sensitive data like your user name and password . The goal -- of course -- is to take your money . Some of the most common phishing scamsAttack.Phishingare bogus emails purportedly from trustworthy institutions like the U.S.Internal Revenue Service or major banks . The more sophisticated scams are crafted to look very much likeAttack.Phishinga legitimate message from a site you do business with . “ Many popular phishing scamsAttack.Phishingpurport to beAttack.Phishingfrom shipping companies , e-commerce companies , social networking websites , financial institutions , tax-preparation companies and some of the world ’ s most notable companies , ” said Norton by Symantec senior security response manager Satnam Narang via email . One of the worst cases on record was an aircraft parts CEO who was trickedAttack.Phishinginto handing over more than $ 55 million – which shows that phishing scamsAttack.Phishingcan dupeAttack.Phishingeven smart people . Fox News asked Symantec about the top phishing scamsAttack.Phishingand how to avoid them . 1 . Your account has been or will be locked , disabled or suspended . `` Scare tactics are a common theme when it comes to phishing scamsAttack.Phishing, '' said Narang . `` Claiming a users ’ account has been or will be locked or disabled is a call to action to the user to enticeAttack.Phishingthem to provide their login credentials . '' 2 . Irregular/fraudulent activity detected or your account requires a `` security '' update . `` Extending off of # 1 , scammers will also claim irregular or fraudulent activity has been detected on your account or that your account has been subjected to a compulsory 'security update ' and you need to login to enable this security update , '' Narang said . 3 . You ’ ve received a secure or important message . `` This type of phishing scamAttack.Phishingis often associated with financial institutions , but we have also seen some claiming to beAttack.Phishingfrom a popular e-commerce website , '' said Narang . `` Because financial institutions don ’ t send customer details in emails , the premise is that users will be more inclined to click on a link or open an attachment if it claims to beAttack.Phishinga secure or important message . '' 4 . Tax-themed phishing scamsAttack.Phishing. `` Each year , tax-themed phishing scamsAttack.Phishingcrop up before tax-time in the U.S. and other countries , '' Narang added . `` These tax-related themes can vary from updating your filing information , your eligibility to receive a tax refund or warnings that you owe money . One thing that ’ s for sure is that the IRS doesn ’ t communicate via email or text message , they still send snail mail . '' 5 . Attachment-based phishingAttack.Phishingwith a variety of themes . `` Another trend we have observed in recent years is that scammers are using the luresAttack.Phishingmentioned above , but instead of providing a link to an external website , they are attaching an HTML page and asking users to open this 'secure page ' that requests login credentials and financial information , '' according to Narang . Avast , which also develop antivirus software and internet security services , offered advice on what to look for . Ransomware , which encrypts data ( i.e. , makes it inaccessible to the user ) , tries to tap into the same fears that phishingAttack.Phishingdoes . The hope that the “ attacked person will panic , and pay the ransomAttack.Ransom, ” Jonathan Penn , Director of Strategy at Avast , told Fox News .
PhishingAttack.Phishingis one of the most devious scams for filching your personal information , but experts say it is possible to avoid them if you know what you 're looking for . At its essence , phishingAttack.Phishingis the act of pretending to beAttack.Phishingsomeone or something you trust in order to trickAttack.Phishingyou into entering sensitive data like your user name and password . The goal -- of course -- is to take your money . Some of the most common phishing scamsAttack.Phishingare bogus emails purportedly from trustworthy institutions like the U.S.Internal Revenue Service or major banks . The more sophisticated scams are crafted to look very much likeAttack.Phishinga legitimate message from a site you do business with . “ Many popular phishing scamsAttack.Phishingpurport to beAttack.Phishingfrom shipping companies , e-commerce companies , social networking websites , financial institutions , tax-preparation companies and some of the world ’ s most notable companies , ” said Norton by Symantec senior security response manager Satnam Narang via email . One of the worst cases on record was an aircraft parts CEO who was trickedAttack.Phishinginto handing over more than $ 55 million – which shows that phishing scamsAttack.Phishingcan dupeAttack.Phishingeven smart people . Fox News asked Symantec about the top phishing scamsAttack.Phishingand how to avoid them . 1 . Your account has been or will be locked , disabled or suspended . `` Scare tactics are a common theme when it comes to phishing scamsAttack.Phishing, '' said Narang . `` Claiming a users ’ account has been or will be locked or disabled is a call to action to the user to enticeAttack.Phishingthem to provide their login credentials . '' 2 . Irregular/fraudulent activity detected or your account requires a `` security '' update . `` Extending off of # 1 , scammers will also claim irregular or fraudulent activity has been detected on your account or that your account has been subjected to a compulsory 'security update ' and you need to login to enable this security update , '' Narang said . 3 . You ’ ve received a secure or important message . `` This type of phishing scamAttack.Phishingis often associated with financial institutions , but we have also seen some claiming to beAttack.Phishingfrom a popular e-commerce website , '' said Narang . `` Because financial institutions don ’ t send customer details in emails , the premise is that users will be more inclined to click on a link or open an attachment if it claims to beAttack.Phishinga secure or important message . '' 4 . Tax-themed phishing scamsAttack.Phishing. `` Each year , tax-themed phishing scamsAttack.Phishingcrop up before tax-time in the U.S. and other countries , '' Narang added . `` These tax-related themes can vary from updating your filing information , your eligibility to receive a tax refund or warnings that you owe money . One thing that ’ s for sure is that the IRS doesn ’ t communicate via email or text message , they still send snail mail . '' 5 . Attachment-based phishingAttack.Phishingwith a variety of themes . `` Another trend we have observed in recent years is that scammers are using the luresAttack.Phishingmentioned above , but instead of providing a link to an external website , they are attaching an HTML page and asking users to open this 'secure page ' that requests login credentials and financial information , '' according to Narang . Avast , which also develop antivirus software and internet security services , offered advice on what to look for . Ransomware , which encrypts data ( i.e. , makes it inaccessible to the user ) , tries to tap into the same fears that phishingAttack.Phishingdoes . The hope that the “ attacked person will panic , and pay the ransomAttack.Ransom, ” Jonathan Penn , Director of Strategy at Avast , told Fox News .
PhishingAttack.Phishingis one of the most devious scams for filching your personal information , but experts say it is possible to avoid them if you know what you 're looking for . At its essence , phishingAttack.Phishingis the act of pretending to beAttack.Phishingsomeone or something you trust in order to trickAttack.Phishingyou into entering sensitive data like your user name and password . The goal -- of course -- is to take your money . Some of the most common phishing scamsAttack.Phishingare bogus emails purportedly from trustworthy institutions like the U.S.Internal Revenue Service or major banks . The more sophisticated scams are crafted to look very much likeAttack.Phishinga legitimate message from a site you do business with . “ Many popular phishing scamsAttack.Phishingpurport to beAttack.Phishingfrom shipping companies , e-commerce companies , social networking websites , financial institutions , tax-preparation companies and some of the world ’ s most notable companies , ” said Norton by Symantec senior security response manager Satnam Narang via email . One of the worst cases on record was an aircraft parts CEO who was trickedAttack.Phishinginto handing over more than $ 55 million – which shows that phishing scamsAttack.Phishingcan dupeAttack.Phishingeven smart people . Fox News asked Symantec about the top phishing scamsAttack.Phishingand how to avoid them . 1 . Your account has been or will be locked , disabled or suspended . `` Scare tactics are a common theme when it comes to phishing scamsAttack.Phishing, '' said Narang . `` Claiming a users ’ account has been or will be locked or disabled is a call to action to the user to enticeAttack.Phishingthem to provide their login credentials . '' 2 . Irregular/fraudulent activity detected or your account requires a `` security '' update . `` Extending off of # 1 , scammers will also claim irregular or fraudulent activity has been detected on your account or that your account has been subjected to a compulsory 'security update ' and you need to login to enable this security update , '' Narang said . 3 . You ’ ve received a secure or important message . `` This type of phishing scamAttack.Phishingis often associated with financial institutions , but we have also seen some claiming to beAttack.Phishingfrom a popular e-commerce website , '' said Narang . `` Because financial institutions don ’ t send customer details in emails , the premise is that users will be more inclined to click on a link or open an attachment if it claims to beAttack.Phishinga secure or important message . '' 4 . Tax-themed phishing scamsAttack.Phishing. `` Each year , tax-themed phishing scamsAttack.Phishingcrop up before tax-time in the U.S. and other countries , '' Narang added . `` These tax-related themes can vary from updating your filing information , your eligibility to receive a tax refund or warnings that you owe money . One thing that ’ s for sure is that the IRS doesn ’ t communicate via email or text message , they still send snail mail . '' 5 . Attachment-based phishingAttack.Phishingwith a variety of themes . `` Another trend we have observed in recent years is that scammers are using the luresAttack.Phishingmentioned above , but instead of providing a link to an external website , they are attaching an HTML page and asking users to open this 'secure page ' that requests login credentials and financial information , '' according to Narang . Avast , which also develop antivirus software and internet security services , offered advice on what to look for . Ransomware , which encrypts data ( i.e. , makes it inaccessible to the user ) , tries to tap into the same fears that phishingAttack.Phishingdoes . The hope that the “ attacked person will panic , and pay the ransomAttack.Ransom, ” Jonathan Penn , Director of Strategy at Avast , told Fox News .
PhishingAttack.Phishingis one of the most devious scams for filching your personal information , but experts say it is possible to avoid them if you know what you 're looking for . At its essence , phishingAttack.Phishingis the act of pretending to beAttack.Phishingsomeone or something you trust in order to trickAttack.Phishingyou into entering sensitive data like your user name and password . The goal -- of course -- is to take your money . Some of the most common phishing scamsAttack.Phishingare bogus emails purportedly from trustworthy institutions like the U.S.Internal Revenue Service or major banks . The more sophisticated scams are crafted to look very much likeAttack.Phishinga legitimate message from a site you do business with . “ Many popular phishing scamsAttack.Phishingpurport to beAttack.Phishingfrom shipping companies , e-commerce companies , social networking websites , financial institutions , tax-preparation companies and some of the world ’ s most notable companies , ” said Norton by Symantec senior security response manager Satnam Narang via email . One of the worst cases on record was an aircraft parts CEO who was trickedAttack.Phishinginto handing over more than $ 55 million – which shows that phishing scamsAttack.Phishingcan dupeAttack.Phishingeven smart people . Fox News asked Symantec about the top phishing scamsAttack.Phishingand how to avoid them . 1 . Your account has been or will be locked , disabled or suspended . `` Scare tactics are a common theme when it comes to phishing scamsAttack.Phishing, '' said Narang . `` Claiming a users ’ account has been or will be locked or disabled is a call to action to the user to enticeAttack.Phishingthem to provide their login credentials . '' 2 . Irregular/fraudulent activity detected or your account requires a `` security '' update . `` Extending off of # 1 , scammers will also claim irregular or fraudulent activity has been detected on your account or that your account has been subjected to a compulsory 'security update ' and you need to login to enable this security update , '' Narang said . 3 . You ’ ve received a secure or important message . `` This type of phishing scamAttack.Phishingis often associated with financial institutions , but we have also seen some claiming to beAttack.Phishingfrom a popular e-commerce website , '' said Narang . `` Because financial institutions don ’ t send customer details in emails , the premise is that users will be more inclined to click on a link or open an attachment if it claims to beAttack.Phishinga secure or important message . '' 4 . Tax-themed phishing scamsAttack.Phishing. `` Each year , tax-themed phishing scamsAttack.Phishingcrop up before tax-time in the U.S. and other countries , '' Narang added . `` These tax-related themes can vary from updating your filing information , your eligibility to receive a tax refund or warnings that you owe money . One thing that ’ s for sure is that the IRS doesn ’ t communicate via email or text message , they still send snail mail . '' 5 . Attachment-based phishingAttack.Phishingwith a variety of themes . `` Another trend we have observed in recent years is that scammers are using the luresAttack.Phishingmentioned above , but instead of providing a link to an external website , they are attaching an HTML page and asking users to open this 'secure page ' that requests login credentials and financial information , '' according to Narang . Avast , which also develop antivirus software and internet security services , offered advice on what to look for . Ransomware , which encrypts data ( i.e. , makes it inaccessible to the user ) , tries to tap into the same fears that phishingAttack.Phishingdoes . The hope that the “ attacked person will panic , and pay the ransomAttack.Ransom, ” Jonathan Penn , Director of Strategy at Avast , told Fox News .
Staff are still falling for phishing scamsAttack.Phishing, with social media friend requests and emails pretending to come fromAttack.Phishingthe HR department among the ones most likely to foolAttack.Phishingworkers into handing over usernames and passwords . Phishing scamsAttack.Phishingaim to trickAttack.Phishingstaff into handing over data -- normally usernames and passwords -- by posing asAttack.Phishinglegitimate email . It 's a technique used by the lowliest criminals as part of ransomware campaigns , right up to state-backed hackers because it continues to be such an effective method . In a review of 100 simulated attack campaigns for 48 of its clients , accounting for almost a million individual users , security company MWR Infosecurity found that sendingAttack.Phishinga bogus friend request was the best way to get someone to click on a link -- even when the email was being sentAttack.Phishingto a work email address . Almost a quarter of users clicked the link to be taken through to a fake login screen , with more than half going on to provide a username and password , and four out of five then going on to download a file . A spoof email claiming to beAttack.Phishingfrom the HR department referring to the appraisal system was also very effective : nearly one in five clicked the link , and three-quarters provided more credentials , with a similar percentage going on to download a file . Some might argue that gaining accessAttack.Databreachto a staff email account is of limited use , but the security company argues that this is a handy for an assault . A hacker could dumpAttack.Databreachentire mailboxes , accessAttack.Databreachfile shares , run programs on the compromised user 's device , and access multiple systems , warned MWR InfoSecurity . Even basic security controls , such as two-factor authentication or disabling file and SharePoint remote access , could reduce the risk . The company also reported bad news about the passwords that users handed over : while over 60 percent of passwords were found to have a length of 8 to 10 characters -- the mandatory minimum for many organizations -- the company argued that this illustrates how users stick to minimum security requirements . A third of the passwords consisted of an upper-case first letter , a series of lower-case letters , and then numbers with no symbols . It also found that 13.6 percent of passwords ended with four numbers in the range of 1940 to 2040 . Of those , nearly half ended in 2016 , which means one-in-twenty of all passwords end with the year in which they were created .
Social media scams such as blackmail , identity theft , money laundering and dating scams are expected to gain popularity in SA this year . This is according to Kovelin Naidoo , chief cyber security officer at FNB , who explains that although social media scams in SA are not yet as prevalent as global counterparts ; the reality is that they do exist . As social media continues to gain prominence among South African consumers , Naidoo believes platforms like Instagram , Youtube , Facebook and Twitter have also become a platform where fraudsters attempt to catch unsuspecting consumers off guard . `` Given that the popularity of social media is set to remain for the coming years , consumers are encouraged to constantly educate themselves and their loved ones about the latest methods that fraudsters use to get hold of their victims ' personal information , '' adds Naidoo . Naidoo warns consumers to look out for money laundering scams - when scammers trickAttack.Phishingpeople through social media platforms by claiming to have large sums of cash that they need to deposit urgently through a foreign bank account and identity theft - when fraudsters stealAttack.Databreachinformation and use it illegally by impersonating victims . `` Social media blackmail is another scam to watch out for - never share personal photos or videos on social media that portray you in a compromising position as scammers can use these against you by threatening to send them to close family members or upload them on public platforms . Another scam to gain traction is a social media phishing scamAttack.Phishing, where fraudsters pretend to representAttack.Phishingthe victim 's bank on social media platforms , '' advises Naidoo . Manuel Corregedor , COO of Telspace Systems , says consumers who use social media platforms to meet companions or their life partners should also look out for dating or romance scams . `` In these scams , criminals play on the emotions of victims in order to scam them out of money i.e . they target certain profiles based on age , gender and marital status . Once connected , the criminal starts to 'build a relationship ' , with the victim as a means to get them to like or love them . Once this happens , the criminal plays on the victim 's emotions as a means to get money from the client . '' It is necessary to create an awareness around such scams and educate people , advises Corregedor . However , it should be noted , that these scams are not new - they existed before social media . Additional things users can do to protect themselves online is to only add people on social media sites , in particular Facebook , that they have met in person before ; restrict who can see your photos , posts , and look out for the following signs that it might be a scam . Denis Makrushin , security researcher at Kaspersky Lab , says that social media chain letters and phishingAttack.Phishingis also expected to gain traction this year . `` Some social media messages ask recipients to send a small sum of money to certain addressees . Cyber criminals use chain letters to distribute malware - a letter may contain a link to a malicious Web site . A recipient is luredAttack.Phishinginto visiting the site on some pretext or other , for example they are warned about a virus epidemic and are offered the possibility to download an 'antivirus program ' . `` Furthermore phishing scamsAttack.Phishingvia social media messages are also markedly more detailed and sophisticated than the average phishing e-mail . For example , one might be a security alert saying that someone just tried to sign into your account from such and such address using such and such browser - all you have to do is click the link to check that everything 's OK , '' he explains . Naidoo advises social media users to never share their banking details with strangers and to think twice before sending money to someone you recently met online or have n't met in person yet .
Conmen are taking phishing scamsAttack.Phishingto the next level , targeting Apple users with emails and calls to a fake Apple Care service . While emails are a fairly common way of luringAttack.Phishingvictims , it ’ s not every day that you hear about calls being involved to dupeAttack.Phishingfolks . Ars Technica reports that the attackAttack.Phishingbegins with an email which is designed to look likeAttack.Phishingan official iCloud account warning . It claims a sign-in attempt was blocked on their account since someone tried to use their password . There ’ s a “ Check Activity ” button which opens up a page on a compromised site for a men ’ s salon in South India . The webpage immediately redirectsAttack.Phishingthe victim to another site , followed by another redirection to a fake Apple Support page asking them to contact support since their iPhone has been locked due to illegal activity . If they fall for the baitAttack.Phishing, the site launches a “ scanning ” box which eventually gives way to a pop-up box prompting the victim to call a number . If the email is opened in an iPhone , the number can be called straightaway . iPads and Macs can ’ t do the same , so the system will ask if they want to open it in FaceTime . The publication actually dialed the number and got in touch with someone who described themselves as “ Lance Roger from Apple Care. ” It seems the elaborate scheme is targeting email addresses associated with iCloud . The end game is to trickAttack.PhishingiPhone users into enrolling in a rogue mobile device management service . This allows the attackers to push infected apps onto the victim ’ s device , all the while pretendingAttack.Phishingthis is a part of Apple ’ s security service . The phishing site is still live right now , but both Google and Apple have marked it as deceptive . Ars Technica has additionally passed on the technical details of the scam to an Apple security team member . The company told Engadget that it has resources on its support website to help people tell right from wrong . Everyday iOS users could still easily get fooled though .
Criminals are attempting to trickAttack.Phishingconsumers into handing over passwords and credit card details by taking advantage of the flood of emails being sent outAttack.Phishingahead of new European privacy legislation . The European Union 's new General Data Protection Regulation ( GDPR ) come into force on 25 May and the policy is designed to give consumers more control over their online data . As a result , in the run-up to it , organisations are sending outAttack.Phishingmessages to customers to gain their consent for remaining on their mailing lists . With so many of these messages being sent outAttack.Phishing, it was perhaps only a matter of time before opportunistic cybercriminals looked to take advantage of the deluge of messages about GDPR and privacy policies arriving in people 's inboxes . A GDPR-related phishing scamAttack.Phishinguncovered by researchers at cyber security firm Redscan is doing just this in an effort to steal data with emails claiming to beAttack.Phishingfrom Airbnb . The attackers appear to beAttack.Phishingtargeting business email addresses , which suggests the messages are sentAttack.Phishingto emails scraped from the web . The phishing message addresses the user as an Airbnb host and claimsAttack.Phishingthey 're not able to accept new bookings or sendAttack.Phishingmessages to prospective guests until a new privacy policy is accepted . `` This update is mandatory because of the new changes in the EU Digital privacy legislation that acts upon United States based companies , like Airbnb in order to protect European citizens and companies , '' the message says , and the recipient is urgedAttack.Phishingto click a link to accept the new privacy policy . Those who click the link are asked to enter their personal information , including account credentials and payment card information . If the user enters these , they 're handing the data straight into the hands of criminals who can use it for theft , identity fraud , selling on the dark web and more . `` The irony wo n't be lost on anyone that cybercriminals are exploiting the arrival of new data protection regulations to stealAttack.Databreachpeople 's data , '' said Mark Nicholls , Director of Cyber Security at Redscan . `` Scammers know that people are expecting exactly these kinds of emails this month and that they are required to take action , whether that 's clicking a link or divulging personal data . It 's a textbook phishing campaignAttack.Phishingin terms of opportunistic timing and having a believable call to action '' . Airbnb is sending messages to users about GDPR , but the messages contain far more detail and do n't ask the users to enter any credentials , merely agree to the new Terms of Service . While the phishing messages might look legitimate at first glance , it 's worth noting they do n't use the right domain - the fake messages come fromAttack.Phishing' @ mail.airbnb.work ' as opposed to ' @ airbnb.com ' . Redscan has warned that attackers are likely to use GDPR as baitAttack.Phishingfor other phishing scamsAttack.Phishing, with messages claiming to beAttack.Phishingfrom other well-known companies . `` As we get closer to the GDPR implementation deadline , I think we can expect to see a lot a lot more of these types of phishing scamsAttack.Phishingover the next few weeks , that 's for sure , '' said Nicholls , who warned attackers could attempt to use the ploy to deliver malware in future . `` In the case of the Airbnb scam email , hackers were attempting to harvestAttack.Databreachcredentials . Attack vectors do vary however and it 's possible that other attacks may attempt to infect hosts with keyloggers or ransomware , for example . '' he said . Airbnb said those behind the attacks have n't accessedAttack.Databreachuser details in order to sendAttack.Phishingemails and that users who receiveAttack.Phishinga suspicious message claiming to beAttack.Phishingfrom Airbnb should send it to their safety team . `` These emails are a brazen attempt at using our trusted brand to try and stealAttack.Databreachuser 's details , and have nothing to do with Airbnb . We 'd encourage anyone who has receivedAttack.Phishinga suspicious looking email to report it to our Trust and Safety team on report.phishing @ airbnb.com , who will fully investigate , '' an Airbnb spokesperson told ZDNet . Airbnb also provided information on how to spot a fake email to help users to determine if a message is genuine or not .
Criminals are attempting to trickAttack.Phishingconsumers into handing over passwords and credit card details by taking advantage of the flood of emails being sent outAttack.Phishingahead of new European privacy legislation . The European Union 's new General Data Protection Regulation ( GDPR ) come into force on 25 May and the policy is designed to give consumers more control over their online data . As a result , in the run-up to it , organisations are sending outAttack.Phishingmessages to customers to gain their consent for remaining on their mailing lists . With so many of these messages being sent outAttack.Phishing, it was perhaps only a matter of time before opportunistic cybercriminals looked to take advantage of the deluge of messages about GDPR and privacy policies arriving in people 's inboxes . A GDPR-related phishing scamAttack.Phishinguncovered by researchers at cyber security firm Redscan is doing just this in an effort to steal data with emails claiming to beAttack.Phishingfrom Airbnb . The attackers appear to beAttack.Phishingtargeting business email addresses , which suggests the messages are sentAttack.Phishingto emails scraped from the web . The phishing message addresses the user as an Airbnb host and claimsAttack.Phishingthey 're not able to accept new bookings or sendAttack.Phishingmessages to prospective guests until a new privacy policy is accepted . `` This update is mandatory because of the new changes in the EU Digital privacy legislation that acts upon United States based companies , like Airbnb in order to protect European citizens and companies , '' the message says , and the recipient is urgedAttack.Phishingto click a link to accept the new privacy policy . Those who click the link are asked to enter their personal information , including account credentials and payment card information . If the user enters these , they 're handing the data straight into the hands of criminals who can use it for theft , identity fraud , selling on the dark web and more . `` The irony wo n't be lost on anyone that cybercriminals are exploiting the arrival of new data protection regulations to stealAttack.Databreachpeople 's data , '' said Mark Nicholls , Director of Cyber Security at Redscan . `` Scammers know that people are expecting exactly these kinds of emails this month and that they are required to take action , whether that 's clicking a link or divulging personal data . It 's a textbook phishing campaignAttack.Phishingin terms of opportunistic timing and having a believable call to action '' . Airbnb is sending messages to users about GDPR , but the messages contain far more detail and do n't ask the users to enter any credentials , merely agree to the new Terms of Service . While the phishing messages might look legitimate at first glance , it 's worth noting they do n't use the right domain - the fake messages come fromAttack.Phishing' @ mail.airbnb.work ' as opposed to ' @ airbnb.com ' . Redscan has warned that attackers are likely to use GDPR as baitAttack.Phishingfor other phishing scamsAttack.Phishing, with messages claiming to beAttack.Phishingfrom other well-known companies . `` As we get closer to the GDPR implementation deadline , I think we can expect to see a lot a lot more of these types of phishing scamsAttack.Phishingover the next few weeks , that 's for sure , '' said Nicholls , who warned attackers could attempt to use the ploy to deliver malware in future . `` In the case of the Airbnb scam email , hackers were attempting to harvestAttack.Databreachcredentials . Attack vectors do vary however and it 's possible that other attacks may attempt to infect hosts with keyloggers or ransomware , for example . '' he said . Airbnb said those behind the attacks have n't accessedAttack.Databreachuser details in order to sendAttack.Phishingemails and that users who receiveAttack.Phishinga suspicious message claiming to beAttack.Phishingfrom Airbnb should send it to their safety team . `` These emails are a brazen attempt at using our trusted brand to try and stealAttack.Databreachuser 's details , and have nothing to do with Airbnb . We 'd encourage anyone who has receivedAttack.Phishinga suspicious looking email to report it to our Trust and Safety team on report.phishing @ airbnb.com , who will fully investigate , '' an Airbnb spokesperson told ZDNet . Airbnb also provided information on how to spot a fake email to help users to determine if a message is genuine or not .
According to the Graham Cluley , hackers are conducting phishing attacksAttack.Phishingon gamers using two types of emails to steal their login credentials . Hackers are sendingAttack.Phishingemails to World of Warcraft players making them believe that they have won a prize followed by a link to claim it by putting their Blizzard account credentials . The items used in the email are “ Battlepaw ” an in-game pet , and a flying mount called “ Mystic Runesaber ” . Both these items are legitimate and can be bought in the game , which makes these emails more believable , but of course , it ’ s all just a lie . Once you click the email , a new window will appearAttack.Phishingasking you to enter the login details of your blizzard account , and if you do that , the hacker will receiveAttack.Databreachyour information , which can either be sold or used personally . “ You are receiving this e-mail because your friend has purchased World of Warcraft In-Game Pet : Brightpaw for you as a gift ! This would have been a perfect scam if not for the two obvious flaws in the email . First one is the suspicious looking question mark after Battle dot net , and the second one is named Blizzard Entertainment wrote at the end of the email . Like all the other phishing scamsAttack.Phishing, this one also relies on the poor judgment of the recipients and to make sure that you do not fall into this trap you must be very careful when you receive an email from an unknown sender
When it comes to phishing scamsAttack.Phishing, the general concept is that cyber criminals will only sendAttack.Phishinga link to trickAttack.Phishingusers into logging in with their social media or email credentials . But since that is an old school trick , the malicious threat actors are aiming at much more than your Facebook or Gmail password . Recently , we discovered a sophisticated phishing campaignAttack.Phishingtargeting Apple users . The aim of this attackAttack.Databreachis to stealAttack.Databreachtheir Apple ID , credit card data , a government issued ID card , and or passport . That ’ s not all , the scam also asks users to provide it with access to their device webcam to take their snap for verification purposes . It all starts with users receivingAttack.Phishingan email in which the sender poses asAttack.Phishingone of the officials from Apple Inc . The email alerts the user that their iCloud account is on hold because of an unusual sign in activity through an unknown browser and in case they didn ’ t log in from the device mentioned in the email they need to click on a link to change the password . Those who understand how phishing scamsAttack.Phishingwork will know how to ignore it , but unsuspecting users may fall for it and be trickedAttack.Phishinginto clicking the link and giving away their personal and financial information . Upon clicking the link users are takenAttack.Phishingto the phishing page which looks exactly likeAttack.Phishingthe official Apple ID login page . The users then are then asked to enter their Apple ID and its password to proceed . Once the users are logged in , they are taken to another page which asks users for their credit card details including cardholder name , card number , expiration date , CVV code and ED secure password . Upon giving this info , the users are asked to click the next tab . Remember by now the scammers have got your Apple ID login credentials and credit card information . Because criminals will remain criminals , the more you feed them the more they will ask for . Once the “ next ” tab is clicked , users are invited to enter their personal information including full name , date of birth , country , state , city , address , Zip code and phone number . This is done to use user information for further scams like identity theft and social engineering frauds . Once your personal information is handed over to the criminals , the page asks users to click the “ finish ” tab , but they aren ’ t done yet . Upon clicking the Finish tab users are taken to another page asking them to upload their password , a government issued identity card or the driver license – both sides . The users can click skip to avoid uploading their government issued documents but then they need to allow the website to access their device ’ s camera and microphone to take a snap of them . The users can also click the “ Skip ” tab , and the page will redirect them to the official Apple ID website . Good news is that Google Chrome has already detected the scam and marked the phishing domain as “ Deceptive. ” However , the bad news is that Firefox , Opera , and Safari browsers didn ’ t show any warning messages to their users therefore if you are using these browsers be vigilant .
When it comes to phishing scamsAttack.Phishing, the general concept is that cyber criminals will only sendAttack.Phishinga link to trickAttack.Phishingusers into logging in with their social media or email credentials . But since that is an old school trick , the malicious threat actors are aiming at much more than your Facebook or Gmail password . Recently , we discovered a sophisticated phishing campaignAttack.Phishingtargeting Apple users . The aim of this attackAttack.Databreachis to stealAttack.Databreachtheir Apple ID , credit card data , a government issued ID card , and or passport . That ’ s not all , the scam also asks users to provide it with access to their device webcam to take their snap for verification purposes . It all starts with users receivingAttack.Phishingan email in which the sender poses asAttack.Phishingone of the officials from Apple Inc . The email alerts the user that their iCloud account is on hold because of an unusual sign in activity through an unknown browser and in case they didn ’ t log in from the device mentioned in the email they need to click on a link to change the password . Those who understand how phishing scamsAttack.Phishingwork will know how to ignore it , but unsuspecting users may fall for it and be trickedAttack.Phishinginto clicking the link and giving away their personal and financial information . Upon clicking the link users are takenAttack.Phishingto the phishing page which looks exactly likeAttack.Phishingthe official Apple ID login page . The users then are then asked to enter their Apple ID and its password to proceed . Once the users are logged in , they are taken to another page which asks users for their credit card details including cardholder name , card number , expiration date , CVV code and ED secure password . Upon giving this info , the users are asked to click the next tab . Remember by now the scammers have got your Apple ID login credentials and credit card information . Because criminals will remain criminals , the more you feed them the more they will ask for . Once the “ next ” tab is clicked , users are invited to enter their personal information including full name , date of birth , country , state , city , address , Zip code and phone number . This is done to use user information for further scams like identity theft and social engineering frauds . Once your personal information is handed over to the criminals , the page asks users to click the “ finish ” tab , but they aren ’ t done yet . Upon clicking the Finish tab users are taken to another page asking them to upload their password , a government issued identity card or the driver license – both sides . The users can click skip to avoid uploading their government issued documents but then they need to allow the website to access their device ’ s camera and microphone to take a snap of them . The users can also click the “ Skip ” tab , and the page will redirect them to the official Apple ID website . Good news is that Google Chrome has already detected the scam and marked the phishing domain as “ Deceptive. ” However , the bad news is that Firefox , Opera , and Safari browsers didn ’ t show any warning messages to their users therefore if you are using these browsers be vigilant .
Last late April a friend of mine had his iPhone stolen in the streets—an unfortunately familiar occurrence in big , metropolitan areas in countries like Brazil . He managed to buy a new one , but kept the same number for convenience . Nothing appeared to be out of the ordinary at first—until he realized the thief changed his Facebook password . Fortunately , he was able to recover and update it , as his phone number was tied to his Facebook account . But a pickpocket accessing his victim ’ s Facebook account is quite unusual . After all , why would a crook be interested with his victim ’ s Facebook account for when the goal is usually to use or sell the stolen device ? It didn ’ t stop there ; a day after , my friend curiously receivedAttack.Phishinga phishing SMS message on his new phone . What ’ s interesting here is the blurred line between traditional felony and cybercrime—in particular , the apparent teamwork between crooks and cybercriminals that results in further—possibly more sophisticated—attacks . Figure 1 : SMS message with a link to a phishing page The SMS message , written in Portuguese , translates to : “ Dear user : Your device in lost mode was turned on and found ; access here and view its last location : ” . The message was accompanied with a link pointing to hxxp : //busca-devices [ . ] pe [ . ] hu , which we found to be a phishing page with a log-in form asking for Apple ID credentials . We then checked the last location of his stolen iPhone , the official iCloud website indeed confirmed that it was where he had the phone snatched . Figure 2 : Phishing page asking for Apple ID credentials Connecting the dots , it appears the modus operandi is to physically steal the victim ’ s phone ( while in use , so they can still access the apps ) , uncover the device ’ s number , then try changing the password of installed social networking ( and possibly email ) apps—probably to extort the victim in the future—before turning the stolen device off as soon as possible . Attackers then try to grab the victim ’ s Apple ID credentials using a phishing page and a socially engineered SMS message pretending to beAttack.PhishingApple . Apart from perpetrating identity theft , getting their hands on Apple credentials allows them to disable the Activation Lock feature in iOS devices which would enable them to wipe the phone ( as part of an attack , or for them to reuse the device ) . Figure 3 : iCloud phishing page advertised in the Brazilian underground Interestingly , we came across an iCloud phishing page peddled for R $ 135 ( roughly equivalent to US $ 43 as of May 4 , 2017 ) during one our recent forays into the Brazilian underground . The phishing page offered for rent came with a video tutorial explaining how the service works . Coincidence ? While there may be no direct correlation , it wouldn ’ t be surprising if it somehow intersects with my friend ’ s iPhone scam situation—given how Apple credentials are one of the commodities sold in Brazil ’ s online underworld . In fact , this kind of attack has been reported in Brazil as early as 2015 . The moral of my friend ’ s story ? Traditional crime and cybercrimes are not mutually exclusive and can , in fact , work together in seemingly bigger attacks or malicious schemes . Another lesson learned ? Physical security strengthens cybersecurity . This rings true—even intuitive—not only to individual end users . Organizations understand that the risks of attacks are just as significant if their workplace ’ s perimeters aren ’ t as properly secure as their virtual/online walls . Indeed , today ’ s increasingly intricate—and in a lot of cases , brazen—attacks , whether physical or in cyberspace , call for being more proactive . Being aware of red flags in phishing scamsAttack.Phishing, securing the privacy of mobile apps , and adopting best practices for BYOD devices , are just some of them . These are complemented by physically securing mobile devices—from password-protecting important documents to employing biometrics or strong PINs to prevent unauthorized access to the device ’ s apps . Users can also benefit from multilayered mobile security solutions such as Trend Micro™ Mobile Security for Apple devices ( available on the App Store ) that can monitor and block phishing attacksAttack.Phishingand other malicious URLs . For organizations , especially those that use BYOD devices , Trend Micro™ Mobile Security for Enterprise provides device , compliance and application management , data protection , and configuration provisioning , as well as protect devices from attacks that leverage vulnerabilities , preventing unauthorized access to apps , as well as detecting and blocking malware and fraudulent websites . With help from our colleagues from PhishLabs , we were able to take down the phishing pages that were still online . We also disclosed to Apple our findings related to this threat . The domains we uncovered related to this scam are in this appendix .
Cyber Monday is here ! If you avoided the retail stores and skipped their Black Friday deals , do n't worry , you 'll get another chance for major savings today . From clothing to travel to exclusive online-only deals , Cyber Monday still has tons to offer . But just in time for the Cyber Monday shopping rush , watch out for sinister phishing scamsAttack.Phishingthat are making the rounds . With more online shoppers this time around - searching every nook and cranny of the web in search of the best Cyber Monday deals - crooks are again looking to dupeAttack.Phishingunsuspecting bargain hunters . Stop and Think , Did I order this ? One of the most effective tools for a cybercriminal is the phishing scamAttack.Phishing. This is when a scammer poses asAttack.Phishinga trustworthy entity and tries trickingAttack.Phishingyou into clicking on a malicious link . Their ultimate goal , of course , is to stealAttack.Databreachyour sensitive information such as credit card details , usernames and passwords . With this year 's holiday online shopping numbers projected to be the biggest ever , millions of items will be processed and shipped . With this surge in shipping activity , consumer protection groups are warning everyone to watch out for fake delivery notices and package verification scams . For example , if you receiveAttack.Phishingan email from `` Amazon '' saying that you have a pending delivery that needs verification from you , then that is most likely a phishing scamAttack.Phishing. Other email phishing scamsAttack.Phishingmay also pretend to provideAttack.Phishingyou with a link for shipping updates or special discount coupons and offers . Another popular ploy is the phantom order scam . These alarming emails are meant to get you clicking by pretendingAttack.Phishingyou ordered thousands of dollars of merchandise . But before you click that link , look out , these deceitful messages can be extremely convincing . Fake delivery and shipping notifications can look just likeAttack.Phishingthe real thing , using real logos and art from company websites . These cybercriminals will even set upAttack.Phishingfake websites that look likeAttack.Phishingthe real deal to lureAttack.Phishingyou into giving away your personal information and credit card details .
For all the sophisticated tactics , techniques , and procedures employed by threat actors these days , phishingAttack.Phishingcontinued to be the top attack vector in 2016 , as it has been for some time . The big difference was that instead of targeting financial services companies , phishers increasingly targeted cloud storage service providers like Google and DropBox , security vendor PhishLabs said in a voluminous report on phishing trends released this week . Compared to 2013 , when barely 10 % of phishing attacksAttack.Phishingtargeted cloud storage services , about 22.5 % of phishing attacksAttack.Phishinglast year involved such companies . That was just barely below the 23 % of phishing scamsAttack.Phishinginvolving financial brands , the company noted . What that means is that users are likely going to get more phishing emails this year trying to get them to part with credentials to their cloud storage credentials . `` Over the last four years , the number of phishing attacksAttack.Phishingtargeting cloud storage services has skyrocketed , '' says Crane Hassold , senior security threat researcher at PhishLabs . `` Based on recent trends , it is likely that phishing attacksAttack.Phishingtargeting cloud storage services will overtake financial institutions as the top target for phishers in 2017 . '' So far at least , almost all phishing attacksAttack.Phishingimpacting this industry have involved only Google and DropBox . Many of the phishing campaignsAttack.Phishingtargeting cloud storage providers contain luresAttack.Phishingsaying that a document or picture has been shared with the victim and encourage them to sign in to their account in order to view it . A majority of the phishing pages involved in such campaignsAttack.Phishinghave really been poor duplicates of the pages used by Google , DropBox , and other legitimate sites . Even so , `` based on the growing popularity of these types of attacksAttack.Phishing, phishers must still be having success compromising victim even with this lack of authenticity , '' Hassold says . The PhishLabs report is based on an analysis of some one million confirmed phishing sites spread across more than 170,000 unique domains , and also from the company ’ s handling of more than 7,800 phishing attacksAttack.Phishingper month in 2016 . The analysis showed an alarming increase across the board in phishing-related activitiesAttack.Phishing. The number of phishing sites in 2016 , for instance , was 23 % higher than the year before , while the volume of phishing emails grew by an average of 33 % across financial services , cloud storage/file hosting , webmail/online , payment services , and ecommerce sites . PhishLabs identified a total of 976 brands belonging to 568 organizations that cybercriminal used in phishing campaignsAttack.Phishinglast year . The kind of data that phishers went after also broadened considerably last year . In addition to account credentials and personal data , phishers also used their phishing luresAttack.Phishingto try and snag financial , employment , and account security data like answers to challenge/response questions and mother ’ s maiden name . Ransomware 's Best Friend In 2016 , phishingAttack.Phishingalso continued to be by far the most prevalent method for delivering ransomware on everything from end user systems to systems belonging to businesses , government agencies , schools , and critical infrastructure targets . The use of email as an authentication measure made it easier for phishers to mass harvestAttack.Databreachcredentials for all email services on a single phishing site , instead of having to target email providers individually , Hassold says . `` Additionally , because a growing number of Web services are using email as a primary credential , phishers are able to multiply their profits by conducting password reuse attacks against these unsuspecting targets , '' he says . The easy availability of phish kits , or ready-to-use templates for creating working phishing sites , contributed to the problem . Many of these kits included sophisticated anti-detection mechanisms . Mechanisms included access control measures based on IP address , HTTP referrer , and hostname , whitelists , and blocklists . `` The big takeaway is that we ’ ve created ideal conditions for the mass harvestingAttack.Databreachof credentials via phishing attacksAttack.Phishing, '' Hassold notes . Unlike in the past where phishers were focused on immediate gains—by going after and selling access to financial accounts for instance—they are now trying to maximize the information they can compromise with the least effort .