Hearing the terms phishing, vishing, smishing, and pharming it would be easy to dismiss them as merely new additions to the urban dictionary and new ways for your teens to exclude you from the conversation. Unfortunately, phishing, vishing, smishing, and pharming are much more serious than generational slang. They are terms describing the latest methods used by cybercriminals to infiltrate your network, disrupt your business, and steal your data and personal information. Understanding these methods is the first step to cybersecurity.
Knowing is half the cybersecurity battle
Understanding how cybercriminals will try to access your information and breach your security will make you more secure. The biggest tool you have in many cases is your gut and common sense. In most phishing, vishing, smishing, and pharming attempts there will be red flags, you just need to pay attention. If there is ever a doubt that something isn’t legitimate, it always better to be safe than sorry. Like the saying goes, “when in doubt, don’t!”
By now, most of us have heard of phishing. Cybercriminals will go phishing for your information using various forms of trickery to get you to give up our login and password. Most phishing expeditions happen via email, where the cybercriminals will set up decoy emails and websites from seemingly legitimate corporations. These emails will casually try to trick you to follow a link and login to your account. Although these phishing emails are getting more and more sophisticated, they do always come with one big red flag: a legitimate company will never write and ask you for sensitive information or your login.
Another way of getting you to give up your information is to call you on the phone and ask for it! Since no one picks up the phone anymore, vishing scams may soon become extinct, but if you still have people in your circle or your family – we’re looking at you, Grandma! – then make sure they are aware of vishing scams. Should anyone pick up the phone, the cybercriminal will try to assume the role of your banker, insurance agent, broker, etc., and alert you to some “suspicious activity.” The way you can tell if the person is legitimate or not is whether they ask you to verify personal information. Any financial institution or insurance group will already have all your information on file. You should never have to give up your social security number or other information over the phone. If this happens, hang up and remind yourself never to pick up the phone again, especially from a blocked or unrecognized number.
Having caught on to the fact that no one answers the phone, smishing will try to get to you via text. Smishing is vishing for millennials. A smishing text can include a link, or ask you to call back. Never reply to a smishing text, and delete them immediately. Replying to texts only lets them know that your number is valid, and you’ll soon be on more than just one list!
Instead of reaching out to you, pharming is a way to redirect you to a fraudulent website when you try to access a legitimate website. The criminals will find vulnerabilities in your network to install a virus or trojan horse that will then manipulate your internet searches, redirecting you to a fake website. Oftentimes, the user has no idea that they have been targeted until it’s too late. To protect yourself against pharming scams, pay attention to the websites that you visit. If they look different, don’t just assume it’s because they have updated their website. Never enter sensitive information on a site that you don’t feel is safe. Again, better to be safe than sorry. Also, you can hover your mouse over the link in the email or look at the URL. https://www.msn.com is a legit site. https://www.msn.followmehere.com is NOT a legit site!
OnePointSync has a complete and comprehensive cybersecurity plan for small and medium-sized businesses in Denver. Secure your system, instill customer confidence, and avoid detrimental hacks and security breaches.