← Return to Blog

26 Apr, 2024

Information Security Brief - April 2024

The New Reality of Phishing

What do Email, Text, social media, and Online Messaging all have in common? They can all be used to share memories from around the world, but they can also be used to distribute phishing attacks. The new reality of phishing is that they are using a multipronged approach; they are now reaching your social media feed, text messages, and phone calls.

  • Social Media/Trusted Platforms
    • We all love to connect with friends and family – be aware that attackers are leaning on those connections to trick you into sharing information (email, password, personal identification information). Know that attackers often use "free" or "discounted" items on social media to start the attack by gathering this information to use later to trick or scam you. These attackers will infiltrate a group or person of an account you trust to lean on the relationship to catch your guard down.
  • Text Messaging Phishing (Smishing)
    • Attackers have moved to using unsolicited text messages that appear to be from a legitimate source. Often, these messages will have a strong sense of urgency, with a link encouraging you to click the link and taking you to a fake portal to extort your information. Scammers often use names of large corporations to increase the likelihood of you being a legitimate customer.
  • Vishing (Voice Phishing)
    • Vishing is a newer form of phishing that utilizes the convenience and urgency of calling in an attempt to prompt an immediate response. The method is very similar to smishing, where they use the names of trusted, legitimate organizations to instill a sense of urgency. If you are on the phone with a suspected vishing attack, hang up immediately and be weary of saying "Yes." They can record your voice for further use or verification.

Phishing is not just lurking in emails anymore. It's infiltrating our texts, social media feeds, and even phone calls. Scammers are getting crafty, using our trust and connections against us. From tempting offers on social platforms to urgent texts and slick voice calls, they're pulling out all the stops. Staying savvy is key; being aware of these tricks and keeping your guard up can help dodge these digital attacks. Stay informed, stay skeptical of anything fishy, and minimize your public information footprint where possible.

CISA has created helpful materials for you and your customers.

← Return to Blog


This publication attempts to provide timely and accurate information concerning the subjects discussed. It is furnished with the understanding that it does not provide legal or other professional services. If legal or other expert assistance is required, the services of a qualified professional should be obtained.

Related Posts

CEO Update - Q2 2024

Apps For Transcribing Meetings May Seem Helpful, But They Come With Undesirable Consequences. Apps and devices that list...

Read more

Information Security Brief - March 2024

Tips for a Hack-Proof Tax Season The IRS identified in 2022 that there were more than 5.5 billion dollars in tax-related...

Read more

CEO Update - Q1 2024

BankOnIT Strengthens Its Advisory Board. We are excited to announce the addition of Roger Beverage to the BankOnIT Advis...

Read more