Popular Methods of Phishing in 2020 and How to Avoid Them

Red phishing hook icon in the middle of a keyboard
hacker phishing for envelope from laptop

How can you be protected from phishing attempts in 2020? Despite the vast amounts of information on the internet pertaining to this topic, attempts are on the rise – With phishers becoming increasingly more sly, the security of your information and knowledge of link checking is mandatory. How can you make sure that attackers do not get ahold of your information? Well for starters, being educated on how and why phishing occurs is your best bet to stay protected. In this article, we will be discussing what phishing is, the popular methods of phishing in 2020, and how you can prevent an attack.

What exactly is phishing?

Phishing and fishing are very similar practices, hence the name of this widespread scamming method. Say you bait your hook and throw your line into the river – Sometimes you don’t catch anything, but sometimes you do. If you throw enough lines into the water, eventually you’ll catch something – This is the same with phishers attempting to get your information. The actual definition of phishing translates loosely to: “The fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers“. Many phishing links are disguised as messages from Apple, Google, Microsoft, and other large entities, in an effort to obtain your personal information.

How does phishing work?

In this section, we’re going to describe a few of the more recent and popular methods that phishers use to trick you into handing over your information. If you are educated on how people are trying to steal your information, you have a much better chance of recognizing these links and attacks, thus preventing any type of breach. If you have any further questions about phishing, or how TRACKtown can help – Give us a call at (541) 255-1900 or send us an email at info@tracktowncomputers.com.

Popular Methods of Phishing in 2020

Links sent via Text MessageKrebsOnSecurity heard from a reader in South Africa who recently received a text message stating his lost iPhone X had been found. The message addressed him by name and said he could view the location of his wayward device by visiting the link https://maps-icloud[.]com — which is most definitely not a legitimate Apple or iCloud link and is one of countless spoofing Apple’s “Find My” service for locating lost Apple devices.

Although this link appears to be legitimate because of the maps-icloud[.com], phishers often use redirection methods that lead to a custom link that appears as if it’s actually the iCloud login screen. Be sure to stay clear of any strange text messages in order to keep your information, passwords, and identity safe.

Emails sent with little to no content – We are now seeing attackers sending emails with an image that contains the corrupt link, instead of full-blown text like in your average phishing email. When the recipient clicks on the link, they will be redirected to the phishing site that will mirror the website they are trying to imitate. How can you tell if the message you have received is really an attempt to gain your information? For starters, if you suspect anything strange about a message you have received, do NOT click on it. Another way to avoid being phished is to use an online phishing link checker or inspect the URL yourself.

Spear Phishing – Most traditional phishing attacks use an approach to mass target their recipients, in order to get as many people’s information as possible. Emails and Text messages are sent to the largest demographic and the attacker prays for a high conversion rate. Spear phishing is a much more isolated attack in which the hacker knows who they are targeting and what they can stand to gain from a successful phish. For spear phishing to work, a great amount of research is necessary in order to personalize the attack and increase the likelihood of success.

Photo: The Wall Street Journal

Isn’t my standard email filter sufficient?

To keep it simple, no. To truly prevent phishing attempts, we recommend a combination of high-end security training for all employees, coupled with any of our cybersecurity packages. We provide your business with the tools necessary to be protected from external threats including but not limited to malware, badware, keyloggers, ransomware, phishing, and more.

Now that you are more educated on phishing and the risks it poses for your business, you will more effectively be able to prevent an attack. With Phishing on the rise, be sure to keep an eye on our blog for future updates. Like always, if you have any questions or would like to know about the cybersecurity services we offer, do not hesitate to give us a call at (541) 255-1900, or send an email to Info@tracktowncomputers.com.