Know your phishing, from your vishing or smishing

GREENVILLE —Managers in Greenville and Darke County are being warned about the ongoing dangers of phishing in their email – and other variants being targeted at them through other platforms.

Last year, 83 percent of organizations reported experiencing phishing attacks – that’s up 28 percent from 2020. And it’s expected there will be an additional six billion attacks this year.

These stats have been examined by local technology expert Mark Howell, of Darke Cloud Solutions.

“In my experience, local business leaders have heard of phishing but don’t know the specifics,” he said.

“It’s called ‘phishing’ because hackers bait unsuspecting victims into ‘biting’, in the same way you’d lure a fish to a hook with a big worm.

“This virtual bait is usually sent in an email. And when the victim gets hooked, their device and potentially their whole network can become infected with malware.

“Or the victim is enticed into giving away login credentials which can lead to data and even financial theft.”

There are many other forms of phishing, including:

Vishing: Like a phishing attack but done over the phone. Someone will call and pretend to be a person or company you know, or a representative of them. They’ll ask you to take an action, such as giving them remote access to your device, or visiting a website.

Pop-up phishing: This is phishing via a pop-up. It may say there’s a problem with your device’s security and ask you to click a button to download a file, or call a number to get it fixed.

Evil twin phishing: A fake Wi-Fi network is set up to look like the real deal. When you log in, the cyber criminal steals your data.

Angler phishing : Social media posts which are created to encourage people to access an online account or click a link which downloads malware.

Smishing: Like a phishing email, but over SMS straight to your phone.

Spoofing: A website that’s created to look like the real thing, but isn’t. Once you log in, you’ve given away your credentials (spoofing can be used in conjunction with other forms of phishing attacks too).

Howell added, “There are so many different ways cyber criminals target local businesses.

“The only protection that works is a blend of software to protect you, and training for your staff. When staff know about the red flags, they are much more likely to spot a scam before clicking a bad link.

“Your staff are the first line of your defense. If they get tricked and click a fake email, it’s super helpful to have security software in place to alert them not to go any further.”

Darke Cloud Solutions was formed in 2014 and specializes in supporting local businesses in the Greenville area. Visit www.darkecloud.com for more information.