Go phish

Mobile phishing attacks are gaining ground as mobile phone users are distracted and more likely to click on malicious SMSes, says Indi Siriniwasa, VP of Trend Micro, sub-Saharan Africa.


Johannesburg, 27 Aug 2018

Phishing is one of the oldest cons on the books, and still one of the more popular tools of cyber criminals. Cyber criminals want access to your details and the easiest way to get hold of them is by convincing you that they are someone else, like your bank or a trusted service provider.

Commonly, the victim receives an e-mail or personal message advising them to urgently update their details or that perhaps their information has been compromised and needs their immediate attention. The messages always ask for personal information, and appear to come from trusted sources. However, on closer inspection, the truth of the scam is revealed.

"A phishing e-mail or message will often get the victim to click on a malicious link that may send them to a fake Web page or to a website that contains malware. Cyber criminals are out to make money, so the goal of phishing is to turn a profit, whether it is to gain access to a bank account, download crypto-currency mining software or tricking the victim into downloading ransomware," explains Indi Siriniwasa, Vice-President of Trend Micro, sub-Saharan Africa.

As technology evolves, so do the modes of attack, and it's no different when it comes to phishing. Mobile phishing attacks are gaining ground, especially because mobile phone users are distracted and more likely to click on malicious SMSes.

"We would all like to think we are too tech savvy to get caught by these tactics, yet many are. What their ploys generally all come down to in the end is social engineering. And, social engineering itself is, quite simply, the art of persuasion, which is the most valuable tool in any con artist's arsenal," says Siriniwasa.

Vigilance, as always, is key. Typically, a phishing e-mail or message would appear to come from a trusted source, but the sender's e-mail may look blatantly suspicious. In some cases, the sender's e-mail may even look legitimate. To make sure it is, hold your cursor over the address to see if it appears different when you do.

The address and content may differ from the messages you're used to seeing from the source, and may be addressed to "customer" or "user" instead of you directly. Often, the subject line and content will contain emotive words such as "urgent", "immediate" and "important" in order to get the victim to click on any links or take the requested action without thinking.

"The motto employed here should be 'better safe than sorry'. If you're not sure the e-mail from your bank is from them, call them up or visit their Web site to make sure. Don't click on links or download attachments from unsolicited e-mails. Check the content of the letter, check the sender's address and the subject line. If it doesn't look or feel right, chances are, it isn't. It's better to err on the side of caution than to become a victim of cyber crime," advises Siriniwasa.

Share

Trend Micro

Trend Micro, a global leader in cyber security solutions, helps to make the world safe for exchanging digital information. Its innovative solutions for consumers, businesses and governments provide layered security for data centres, cloud environments, networks and endpoints. All its products work together to seamlessly share threat intelligence and provide a connected threat defence with centralised visibility and control, enabling better, faster protection. With over 5 000 employees in over 50 countries and the world's most advanced global threat intelligence, Trend Micro enables organisations to secure their journey to the cloud. For more information, visit www.trendmicro.com.

Editorial contacts