Catch Phish If You Can
There are some movies you can watch over and over again. For me, it’s “Catch Me If You Can,” Steven Spielberg’s 2002 crime film based on the life of con artist, Frank Abagnale. Abagnale, portrayed by Leonardo DiCaprio, poses as a variety of professions (a pilot, a doctor, and a lawyer) as he forges checks all around world and steals millions of dollars. His attention to detail and ability to charm people are key elements of his schemes, which, as a security expert, reminded me a lot about phishing scams.
Frank convinced banks to give him money through fake checks, but hackers convince you to give up your information through fake emails and URLs. These emails and URLs are nearly identical to emails you might receive from your bank or insurance carriers and often ask you to “confirm” your sensitive information.
Phishing scams also utilize social engineering, a technique DiCaprio’s character used perfectly to his advantage throughout the film. Time and again, Abagnale uses his ability to charm people into trusting him in order to get what he wants; a bank account, a pilot’s uniform, and even a fiancée. Cybercriminals do the exact same — they rely on people’s trusting demeanors in order to get what they want, which in their case is their victim’s personal information.
While there are many comparisons between Frank’s conning tactics and today’s scams, it’s important to remember that the resources and attacks vectors available to today’s criminals have expanded. Even though Frank was successful, he was still limited compared to today’s tech advancements. Digitization has opened new doors for hackers, especially when it comes to mobile devices. In fact, it’s been reported that mobile devices users, specifically iOS devices, are the biggest target for mobile phishing attacks.
So how can you catch these attempts to steal your information? We’re glad you asked.
- How much is too much? If you’re being asked for too much information, be cautious.
- Address unknown: Before logging into an account, make sure it has the correct web address.
- What’s in a name: Do you recognize the sender’s name and email address? Does the company’s email match others you’ve received? Check these before responding!
- It’s ok to hover: Before you click that link, hover over it to see if the URL address looks legitimate.
- Is it too good to be true? “Free” offers, or deals that sound out of this world probably are. Avoid these like the plague.
- Security is key: Always use comprehensive security software to protect your devices and personal data from malware and other threats that might result from a phishing scam.
Remember, as great as movies are for entertainment, reality is much more serious. Always be cautious and protective when it comes to your personal information. Keep up to date on best practices and latest security updates.
More antivirus and malware news?
- Cross-browser worm spreads via Facebook, security experts warn
- Server Security: OSSEC Updated With GeoIP Support
- Young Belgian Cyber-Patrollers Trained to Fight Online Hate
- Java installer flaw shows why you should clear your Downloads folder
- HTTPS-crippling attack threatens tens of thousands of Web and mail servers
- Certain German Websites Defaced on April Fools’ Day
- University’s IT outsourcing could trigger discrimination lawsuit
- Google.ro and other RO domains, victims of a possible DNS hijacking attack
- Facebook acquires Face.com
- Stallman warns about Bitcoin peril