Page 23 - Banking Finance July 2024
P. 23

ARTICLE

         From there, the employees are asked to fill out a poll about  calls a phone number and creates a heightened sense of
         when a good time to reschedule would be via a link. That link  urgency that makes a person take an action against their
         will then bring the victim to a spoof login page may be likes  best interests. These calls normally occur around stressful
         of Office 365 or Microsoft Outlook. Once they have entered  times. For example, many people receive fake phone calls
         their login information, the scammers steal their password.  from people purporting to be the Banker or from bank's call
                                                              centre, indicating that they want to renew their credit or
         Types of Phishing                                    debit card ,which is going to expire  and need card number,
                                                              PIN and OTP sent on mobile. Because the call creates a
         Email Phishing
                                                              sense of panic and urgency, the recipient can be tricked into
         Malicious actors send emails to users impersonating a known
                                                              giving away personal information.
         brand, leverage social engineering tactics to create a
         heightened sense of urgency and then lead people to click  Smishing
         on a link or download an asset.
                                                              The word is derived from SMS+PHISHING, which indicates
                                                              it is phishing done using SMS as mode of deceiving. Smishing
         The links traditionally go to malicious websites that either
         steal credentials or install malicious code, known as malware,  is type of phishing where someone tries to trick you into
         on a user's device. The downloads or the link sent by email,  giving them your private information via a text or SMS
         have malicious content stored in them that installs the  message.
         malware once the user opens the document.
                                                              Smishing is a social engineering technique where fraudster
         For example, If you Ever get an email message from your  asks you to share your personal information. This tactic
         bank warning you that your savings and checking accounts  leverages your trust in order to obtain your information. The
         have been locked because of suspicious withdrawals. That  information a smisher is looking for can be anything from
         email might ask you to click on a link embedded in the  an online password to your Social Security Number to your
         message to verify your identity and keep your account open.  credit card information. Once the smisher has that, they
                                                              often start applying for new credit in your name. That's
         Don't fall for this trick. The odds are always there that the  where you're really going to start running into problems.
         email is an example of phishing, an attempt by scammers  Smishing is basically sending texts that request a person take
         to trick you into providing personal or financial information  an action. Most Often, the text will include a link that, when
         that they can then use to steal money from your bank  clicked, installs malware on the user's device.
         accounts, make fraudulent purchases with your credit cards.
         If you do click on a link in a phishing email, you'll usually be  For example- Most of the common Smishing attack uses
         taken to a new web page that looks like it belongs to your  brand names with links purported to be to the brand's site.
         bank or Credit Card Company. That page will ask you for your  Usually, an attacker will tell the user that they've won money
         personal and financial information - maybe your account  or provide a malicious link purported to be for tracking
         numbers or log in credentials, like your username and  packages. The link typically points to a site hosting malware
         password. Once the scammer behind this fake or bogus page  or prompts  the  user  to  log in  to  their  account. The
         gets that sensitive personal information of yours, and then  authentication page is not on the official site, but it's more
         they can easily access your financial accounts.      difficult to see the full URL on a Smartphone browser, and
                                                              many users won't bother checking. Smishing attackers use
         Phishing is a form of social engineering - phishers pose as a  a message that a user might be expecting. Others lure
         trusted organization to trick you into providing information..  victims with promises of prize money if they enter private
         Remember, your bank or credit card provider will never ask  information.
         you to provide account information online. When an email
         seeks such sort of information, it clearly indicates the sign Spear Phishing -
         of being sent for scams.                             Spear phishing is a campaign that was purposefully built by
                                                              a threat actor with a goal of penetrating one organization,
         Vishing                                              and where they will really research names and roles within
         Voice phishing, or "Vishing," happens when a cybercriminal  a company. Some targeted campaigns involve documents


            BANKING FINANCE |                                                                  JULY | 2024 | 21
   18   19   20   21   22   23   24   25   26   27   28