When was the last time you received an email from your bank (supposedly) asking you to “update your account details” or else get your account deactivated?
If you even remember to scrutinise the sender’s email address, you may find that it is a fraudulent email address pretending to be your bank’s. If you had fallen for it, you would have given criminals access to your bank account and hard-earned money. You would have been one of the many victims of a phishing attack in recent times.
So, what is phishing, exactly?
Put simply, phishing occurs when cybercriminals “fish” for your data. They do it by getting in touch through emails, text messages and social media, to name just a few ways.
Recently, cybercriminals have come up with more creative and sophisticated ways to phish. But the underlying principle is simple – use deception to trick you into handing over your personal data – passwords, birthdays, contact information, credit card details.
Impersonate a bank, impersonate your boss, impersonate your friend. Make the message sound urgent. Make it sound like your life (or that of a loved one) depends on you clicking that link.
Cybercriminals have a whole arsenal of tricks up their sleeve. Here are some of the many ways phishing is carried out.
• Email phishing: Impersonate a bank, organisation, or brand and send an email asking to click on a link or download a file. The link is a spoofed website which asks for your data, while the file contains malware or viruses.
• Spear phishing: Similar to email phishing, but more personalised. Criminals research about their targets and send them personalised emails that use familiar language, tricking them into doing whatever the email is telling them to do.
• Whaling / CEO Fraud: Similar to spear phishing, but makes the email appear like it came from a top executive at a company. It is often used to trick other executives into releasing money or sensitive data.
Get access to news, enforcement cases, events, and actionable tips and guides
Get regular email updates and offers
Job opportunities, mentorship and career guidance
Exclusive access to Data Protection community - ask questions, network and share knowledge with peers and experts via WhatsApp and Linkedin
DPEX Network is a Community Initiative of Straits Interactive.
Copyright © Straits Interactive Pte Ltd. All Rights Reserved.
All intellectual property rights to logos and brands featured on this website remain the property of their respective owners.