Types of Phishing

How to avoid becoming the Bait

Cybercriminals are crafty and creative. As we become more and more reliant on technology, nobody is immune to their nefarious activities. Through various types of phishing scams, they exploit the lonely, the poor, the honest, the helpful, the elderly, the rich and certainly the naïve in ways that never cease to astound. From winning lottery numbers to claimed inheritances and fortunes themselves – these Trojan horses come dressed for children’s parties in what they offer, yet never ever deliver on.

types of phishing

Fake login domains, crypto giveaways, Fong-kong friend requests, impersonators and direct winning messages on so many platforms – you cannot make this stuff up even if you tried. Whether highly targeted or by generic mail scam – it makes one wonder if getting a job isn’t less effort than the dubious lengths these chancers will go to steal a buck. 

It’s absurd. And so absurd, the names for classifying these varied types of phishing cyberattacks reflect it. So let’s start with our frank definition of Phishing.

A cyber attack that attempts to steal your money, or obtain your identity by luring you into very shady corners of the Internet.

These scams are cleverly designed to make you reveal personal information such as identification and credit card numbers, banking details, or passwords on websites,  to people online that pretend to be legitimate.

Email Scams – The Most Common Types of Phishing

We come across it regularly and somehow, it still seems to occasionally bypass our Spam filters and into our Inboxes. Scammers attempting to phish your details by email in the shotgun approach scammers use to see who falls for the deception. These emails usually inform the reader that their banking details may have been compromised only to take you to a well-designed login interface that looks very similar to yours. Thus capturing your details that way so by the time you log into your correct banking service, you’ll find that you have been cleaned out. 

types of phishing

Sextortion is also popular in informing a recipient that they have been caught on webcam visiting adult websites. Threatening to release the videos of you to your employers and family.

Rahn’s Expert Tip: Avoid clicking on links. Ring your bank or service provider to verify that an email has been sent out. Lastly, run the link through a fraudulent link detector such as Mimecast, Cloudflare and Microsoft Defender

Spear Phishing & Whaling

More specialized and highly sophisticated, these types of phishing for your details generally target system administrators and executives. Usually informing them of some bogus labour malpractice that they need to rectify by visiting fraudulent domains and entering crucial company information. These can ultimately lead to DDoS attacks and Ransomware executed on your internal WAN. We’ve seen this recently in high-profile cases such as SARS, the City of Joburg, and of course TransUnion

Rahn’s Expert Tip: Analyse the threat and elevate it to management. Contact the relevant regulatory body directly to verify any claims, threats or offers before clicking on any link. When the personal information of your entire customer database is in jeopardy, the utmost caution and hesitance must be observed. 

Smishing & Vishing – Phishing Your Details by SMS or Voice 

Syndicates phishing your details are known to take someone off the street and train them to sound uber-professional when interacting with you via SMS or a phone call. Making the lies harder to spot than on a poorly drafted “professional” email that often gives it away. The key is never to relay details over the phone with anyone that calls YOU to “verify” your details. 

Rahn’s Expert Tip: Only phone official contact numbers and never click on attachments. 

Search Engine Types of Phishing

Phishing your details via Search Engine Poisoning is when hackers drive themselves to the top of search engines to take you to their fraudulent shopping or social media sites directly. It takes time, a lot of content and careful manipulation of Google’s ranking factors (before the Search engine finally reels in the dirty catch!)

Rahn’s Expert Tip: Ensure that the website you land on has an SSL certificate, evident by the lock symbol on the address bar. Run the website address through a scam detector software, and thoroughly research reviews of any website you are about to make a transaction on.

Rahn – Assisting Companies in tackling Illicit Online Activities

It’s highly unlikely that any bank will mail you from a Gmail address, but by accidentally installing Trojan bots or other harmful Malware – your activity can be monitored and credentials can be stolen if constant vigilance is not applied.

PhishingAlert

At Rahn Consolidated Pty Ltd, we recognise that different types of phishing scams are another rod, cast by financial criminals who use technology to facilitate money laundering. Through specialised financial crime compliance software and the placement of software experts, we provide innovative solutions to identify financial crimes such as fraud, money laundering, and terrorist funding, alongside non-financial crimes such as human and wildlife trafficking. 

Don’t become easy bait for brazen criminals. Contact our team today to explore how we can assist you in verifying all incoming data and mitigating operational risks for your financial services company.