← Return to Blog

26 Apr, 2024

Information Security Brief - April 2024

The New Reality of Phishing

What do Email, Text, social media, and Online Messaging all have in common? They can all be used to share memories from around the world, but they can also be used to distribute phishing attacks. The new reality of phishing is that they are using a multipronged approach; they are now reaching your social media feed, text messages, and phone calls.

  • Social Media/Trusted Platforms
    • We all love to connect with friends and family – be aware that attackers are leaning on those connections to trick you into sharing information (email, password, personal identification information). Know that attackers often use "free" or "discounted" items on social media to start the attack by gathering this information to use later to trick or scam you. These attackers will infiltrate a group or person of an account you trust to lean on the relationship to catch your guard down.
  • Text Messaging Phishing (Smishing)
    • Attackers have moved to using unsolicited text messages that appear to be from a legitimate source. Often, these messages will have a strong sense of urgency, with a link encouraging you to click the link and taking you to a fake portal to extort your information. Scammers often use names of large corporations to increase the likelihood of you being a legitimate customer.
  • Vishing (Voice Phishing)
    • Vishing is a newer form of phishing that utilizes the convenience and urgency of calling in an attempt to prompt an immediate response. The method is very similar to smishing, where they use the names of trusted, legitimate organizations to instill a sense of urgency. If you are on the phone with a suspected vishing attack, hang up immediately and be weary of saying "Yes." They can record your voice for further use or verification.

Phishing is not just lurking in emails anymore. It's infiltrating our texts, social media feeds, and even phone calls. Scammers are getting crafty, using our trust and connections against us. From tempting offers on social platforms to urgent texts and slick voice calls, they're pulling out all the stops. Staying savvy is key; being aware of these tricks and keeping your guard up can help dodge these digital attacks. Stay informed, stay skeptical of anything fishy, and minimize your public information footprint where possible.

CISA has created helpful materials for you and your customers.

← Return to Blog

Disclaimer

This publication attempts to provide timely and accurate information concerning the subjects discussed. It is furnished with the understanding that it does not provide legal or other professional services. If legal or other expert assistance is required, the services of a qualified professional should be obtained.

Related Posts

Information Security Brief - December 2024

Scammers are delivering phishing messages this holiday season During the holiday season, you might expect to get more de...

Read more

Information Security Brief - November 2024

Don't let scammers get in the way of your holiday shopping. As the holiday season approaches, there are more fake shoppi...

Read more

Information Security Brief - October 2024

Cyber Security Awareness Month In 2004, the President of the United States and Congress declared October Cyber Security ...

Read more