Page 22 - Banking Finance July 2024
P. 22

ARTICLE

             to instill a sense of urgency using intense language and  Additionally, payment wallet or company urges users to
             scare tactics, starting with the email's subject line.  report any suspicious activity to them, so they can continue
             Common themes among phishing emails are that     to monitor these attempts and prevent their users from
             something sensitive, such as a credit card number or  getting scammed.
             an account, has been compromised. This is done to
             induce the recipient into responding quickly, without Attack based on financing
             recognizing the signs of a scam.                 These are common forms of phishing, and it operates on the
         2) The message might use sub-domain, misspelled URLs  assumption that victims will panic into giving the personal
             also known as typo squatting or otherwise suspicious  information to  scamster. Usually, in these cases, the
             URLs.                                            scammer deceives as a bank or other financial institution.
                                                              In an email or phone call, the scammer informs their
         3) The recipient might use a public email address rather
             than a corporate email address.                  potential victim that their security has been compromised.
                                                              Often, scammers will use the threat of identity theft to
         4) The message might be written to invoke fear or a sense  successfully do just that.
             of urgency, so that a mistake might be committed by
             receiver without establishing sanctity of source.
                                                              A few examples of this scam can be:
         5) The message includes a request to share and verify  Suspicious emails about money transfers that will confuse
             personal information, such as financial details or a  the victim. In these phishing attempts, the potential victim
             password.                                        receives an email that contains a receipt or rejection email
         6) The message is poorly drafted with improper framing of  regarding a charge debit transaction. Often, the victim who
             sentences and has spelling and grammatical errors, etc.  sees this email will instantly assume fraudulent charges have
                                                              been made in their account and click a mala fide link in the
         Ways of Phishing Attacks                             message. This will leave their personal data vulnerable to
                                                              being mined.
         Scam based on payment using digital channels
         If a user is unsure of how to spot a fraudulent online-
                                                              Direct deposit scams are often used on new employees of a
         payment phishing email, there are a few details to look out
                                                              company or business. In these scams, the victims receive a
         for. Generally, a phishing email is known to include:
         Dodgy greetings that do not include the victim's name.  mail that their login information is not working. Anxious
         Official emails from company will always address users by  about not getting paid, the victims click a "phishing" link in
         their actual name or business title. Phishing attempts in this  the email. This will lead the victim to a spoof website that
         sector tend to begin with "Dear user," or use an email  installs malware to their system. From there, their banking
         address instead.                                     information is vulnerable to harvesting, leading to fraudulent
                                                              charges.
         In the case of online payment some services, some of these
         scams "alert" their potential victims to the fact that their  Work related phishing
         account will soon be suspended. Others claim that users  This type of scam can be very personalized and hard to spot.
         were accidentally "overpaid" and now need to send money  In these cases, an attacker purporting to be the recipient's
         back to a fake account.                              boss, CEO or CFO contacts the victim, and requests a wire
                                                              transfer or a fake purchase.
         Downloadable  attachments  are  not  something  that
         companies sends to its users. If a person receives an email  One work-related scam that has been popping up around
         from company or another similar service that includes an  businesses in the last couple of years is a ploy to harvest
         attachment, they should not download it.             passwords.  This  scam  often  targets  executive-level
                                                              employees, since they are likely not considering that an
         If a person receives one of these emails, they should open  email from their boss could be a scam. The fraudulent email
         their payment page on a separate browser tab or window  often works because, instead of being alarmist, it simply talks
         and see if their account has any alerts. If a user has been  about regular workplace subjects. Usually, it informs the
         overpaid or is facing suspension, it will say so there.  victim that a scheduled meeting needs to be changed.

            20 | 2024 | JULY                                                               | BANKING FINANCE
   17   18   19   20   21   22   23   24   25   26   27