Dodging “Phishing”, “Vishing” and “SMiShing”

Catching a fish is an achievement of sorts if you’re in it for fun, but getting ensnared in a “Phishing”, “Vishing” or “SmiShing” trap isn’t funny at all. When cyber criminals decide to have their way, they can devise ingenious ways to fool their victims into parting with valuable, identifiable or financial information. These scams rely on the same tactics: to dupe you into parting with identifiable information - often posing as your bank, credit card company or a Government institution. This information can then be used to wreck havoc with your bank account or for a probable identity theft.

So, how does one gut the “Phish”? The trick here is to understand how these schemes work:

Phishing: You get an email that looks deceivingly genuine, requesting you to provide or confirm account information, log-in IDs or passwords. The emotion misused here is fear or anxiety. For example, saying that your account will be deactivated if you don’t respond.

Authentic organizations rarely request for sensitive information via email. If you are unsure, call your financial organization and verify the genuineness of the email. Do not click on links in such emails, which could transmit malware on your computer. Likewise, don’t open any attachments unless you can verify their authenticity.

Vishing (Voice phishing): In this case, you get a call from either an actual person or a pre-recorded call claiming to be on behalf of a legitimate source. You will be asked to furnish personally identifiable or account information for resolving an issue like overdrawn accounts or theft.

Don’t give away any information unless you get it verified from the mentioned organization itself. As an extra precaution, store all important numbers including customer service numbers in your cell and any number that fails to correspond to the stored list should be treated with caution.

SMiShing ("Short Message Service" phishing): This scam uses text messages that are sent to your mobile device. Just by replying you verify that the number is valid. So even if you don’t click on any links or give away information, your information could still be sold to other scammers.

Before a scammer has you in his net, be familiar with what to identify and hear when dealing with an email or SMS or answering your phone:

  • Treat every request for personally identifiable and financial information with caution.
  • Don’t click on links in unsolicited emails or SMSs.
  • Criminals can go to any extent to make their scams appear legit; this includes using logos or icons an organization’s name. If you are really concerned about an email or a call, make separate calls to that organization to verify.
  • If the email or message is ridden with grammatical mistakes or language that you wouldn’t remotely associate yourself with, then it’s a spoof.
  • Use an effective anti-spam solution and keep your anti-virus software updated. Lookout for software vulnerabilities and patch the OS as and when prompted.
  • Lookout for terms like ‘important’, ‘urgent’ etc. If these terms are being used to get information out of you, then be forewarned.

Cyber criminals prey on trust and goodwill and most of the time, it is the ignorance and carelessness of people that lets them win. Best anti spam software like Quick Heal effectively protects your PC and other digital devices from attacks. A robust security solution and being aware goes a long way to protect your valuable information.