The past three articles of the American ID Recovery Educational Series on Identity Theft Prevention and Awareness highlighted “phishing.”
To recap, phishing is one of the most popular types of digital crime that is evolving every day. With dedicated hacking groups around the world working overtime to steal personal information from innocent people, it’s important for all device users to be able to recognize the threats of phishing. A little education in your arsenal might help you to outsmart cyber criminals.
Read on for a summary of the month’s information, tips, and safety measures your family, business, and employees can take for identity theft protection starting as early as today.
BEWARE OF “PHISHY” COMMUNICATIONS
- Personal and professional emails urging you to take action on an account due to a somewhat normal notification or threat, such as account closure or security breach. Typically appearing generic and automated, these are usually mass emails sent out from perpetrators requesting account, personal, or credit/banking information. On an individual level, a person typically has a larger amount of control over the security of their information in this particular type of attack but vigilance on all accounts is needed.
- Targeted emails coming from a somewhat familiar source or containing personalized content can be spear phishing attempts. Social engineering practices, such as social media account mining and google searches reveal alumni networks, church and professional groups, recreational and professional affiliations, connections to family members, and philanthropic interests. The amount of effort cyber thieves put into spear phishing is greater than a typical phishing attack, mentioned above. Increasing levels of due diligence are required to vet out the sender. American ID Recovery recommends regularly checking in on accounts for a year or more after receiving a spear phishing email.
- Whaling is another malicious email attack – aimed for the most part – at specific high-ranking or high-profile individuals that hold access to large amounts of data and sensitive information. A cyber criminal’s reward is a “jackpot” breach containing numerous amounts of personal information for multiple records. The effort put into targeting a key individual or “Whale” can be substantially higher than a spear phishing attack. It is up to key individuals and their employers to implement strict data privacy and communication practices that are followed religiously. Consumers have very little control in the security of their data when whaling attacks are involved. Service providers, creditors, and others with your sensitive information are accountable on their end for the safety of your data.
- Smishing is text-based, or SMS phishing. Erratic requests for sensitive information via text should be examined and taken seriously, even in the increasingly convenient text-based automation and account maintenance society we live in today. Before you open a link, go to the U.S. Short Code directory to check for authenticity.
WHAT ELSE CAN I DO?
Increasingly sophisticated targeting methods are becoming personalized. Data extraction methods specifically acquire information through techniques such as social engineering and mimicking companies or people through copycat imagery and lexicons.
Vigilance and critical thinking are the imperative skills all device users need to acquire. Since much activity is conducted over the dark web without consumers’ knowledge, American ID Recovery recommends that individuals, families, small businesses, and corporations take a proactive approach to identity theft. By entrusting our services, American ID Recovery can safeguard data while our clients live life with the peace of mind only a monitoring and recovery service can offer.
Interested in learning more? The next American ID Recovery Educational Series topic is about protecting your personal data.