Symantec’s 2014 Internet Security Threat Report recently revealed that spear phishing campaigns increased 91 percent in 2013. In addition to the increased number of spear phishing* campaigns, cyber criminals are also using stronger phishing tactics, Stacy Collett at Network World reports.
Collett shared Chief Hacker at Social-Engineering.org Chris Hadnagy’s experience with spear-phishing. He has seen cyber criminals step up their social engineering game, especially among business employees:
“Groups are sending phishing emails with malicious attachments, which a cautious employee usually ignores. But then they’re following up with a phone call that says, ‘Hi, this is Bob in accounting. I just sent you an email with a spreadsheet. I just need you to open that up real quick and check it out.’ Those factors put together make you trust them and take that action. Social engineering tactics like these serve as the entryway to the latest internet scams,” Hadnagy said in Network World.
Collett outlined the top four social engineering scams to look out for in 2014:
- Phishing with ransomware
- Automated calls for credit card information
- Healthcare records for spear-phishing attacks
- Using funerals in phishing attempts
A few ways to help prevent phishing from occurring, according to Security Watch’s Abigail Wang, is by taking control of your personal information that is available on the web. Wang reports that “25 percent of Facebook users do not use privacy setting and 20 percent of social media users in general set their profile to public,” giving cyber criminals an increased chance of fooling you based on the information they know about you.
Have you fallen for a phishing attempt? How can individuals and businesses protect against phishing? Share your thoughts with us on Facebook and Twitter and take a look at our Tumblr for the latest security news stories.
*Spear phishing: an email that appears to be from an individual or business that you know, but in actuality comes from a cyber criminal.