As online fraud cases increase, so does the number of aware users, so attackers need to come up with more sophisticated spam attack plans. Dmitry Sakov, an expert in the testing laboratory of the Digital Economy League, told socialbites.ca about this.
“Given that a person can be aware of attacks using fake links or infected files, attackers sometimes offer to send sensitive data directly to verify the information. This method of deception is effective in its simplicity: Due to many different tricks, users can lose their attention and ignore the basic rules of behavior that appear on the Internet They can – don’t tell anyone your username and password,” he explained.
According to Sakova, email phishing attacks have a certain “seasonality”; Depends on time of year, world events and trends.
“For example, it is not uncommon to receive emails from fake sites regarding the selection of holiday tours in the summer or messages from so-called government services against the background of the current situation,” the expert said.
Scammers are actively using AI to automate the creation and sending of phishing emails. The information security expert noted that in addition to email sendings, attacks using pop-up banners, fake bank websites, SMS sendings (smishing) and phone scams (vishing) are still common.
“When carrying out attacks, emails are often used that contain alarming information (about fines, account blocking), requests for personal information and messages about monetary gains. Such letters should be approached with caution. “Spelling and grammatical errors in the text of the letter may also indicate phishing,” he added.
To protect against phishing, the expert recommended a selective approach, indicating your email in the resources and not clicking on pop-up banners. It is useful to pay attention to the address bar: Phishing sources often use addresses with an insecure protocol – http instead of https.
“It is worth installing an antivirus: even a free solution can help block the passage to a phishing resource or block the download of a malicious file. You do not need to disable the firewall, that is, to control the traffic that is preloaded into the operating system. Another possible option is to install and configure a third-party one. It is important to keep your browser, operating system and antivirus up to date. Developers often release security updates in response to new vulnerabilities. As a rule, email services have spam filters, and email clients on your computer can be additionally configured to block external content. “There are a variety of browser extensions available, including free browser extensions, that protect against phishing,” he concluded.
They decided before in Russia ban to financial pyramids.