Cyber Crimes are on the rise. Complaints were up 33- percent last year with a $25 million increase in losses. Now the Federal Bureau of Investigation is warning of a new and even more mischievous threat call "Cyber Phishing." .
It's similar to phishing in which scammers cast out thousands of e-mails randomly hoping a few victims will bite. But in "spear phishing" they target select groups of people with something in common. People who work at the same company, bank at the same financial institution, attend the same college, or even shop from the same website.
Now the deception. The e-mails are ostensibly sent from organizations or individuals the potential victims would normally get e-mails from so alarm bells usually never ring.
How spear phishing works. First, criminals need some inside information on their targets to convince them the e-mails are legit. They often obtain it by hacking into an organization’s computer network or sometimes by combing through other websites, blogs, and social networking sites.
Then, they send e-mails that look like the real thing to targeted victims, offering all sorts of urgent and legitimate-sounding explanations as to why they need your personal data.
Finally, the victims are asked to click on a link inside the e-mail that takes them to a phony but realistic-looking website, where they are asked to provide passwords, account numbers, user IDs, access codes, PINs, etc.
Once criminals have your personal data, they can access your bank account, use your credit cards, and create a whole new identity using your information.
How to avoid becoming a spear phishing victim. Law enforcement takes this kind of crime seriously. The FBI works with the U.S. Secret Service and investigative agencies within the Department of Defense. But you also need to be alert to make sure you don’t end up a victim. Here's what you need to know:
- Keep in mind that most companies, banks, agencies, etc., don’t request personal information via e-mail. If in doubt, give them a call (but don’t use the phone number contained in the e-mail—that’s usually phony as well).
- Use a phishing filter…many of the latest web browsers have them built in or offer them as plug-ins.
- Never follow a link to a secure site from an e-mail—always enter the URL manually.
- Don't be fooled (especially today) by the latest scams. Visit the Internet Crime Center and "LooksTooGoodToBeTrue" websites for tips and information.
Resources:
- How to Protect your Computer
