The FBI’s Internet Crime Complaint Center (IC3) recently released the 2022 Internet Crime Report. It shows that cyber actors continue to plague Americans, with dollar losses escalating by 49%. Among the staggering number of complaints received by the IC3, over 37% were related to phishing attacks.
Phishing has emerged as the single most prevalent category of cybercrime. It has caused significant financial losses, particularly among citizens aged 60 and older. This article delves into the origins of phishing and its evolution into a top hacking category. It also offers tips to help protect you from falling victim to these malicious schemes.
Phishing is a technique employed by cybercriminals to deceive individuals into divulging sensitive information or installing malware on their devices. This method is executed through various channels such as phone calls, emails, SMS texts, or even social media messages.
The Evolution of Phishing
The concept of illegal hacking began in the 1970s, long before the introduction of the internet. It started with a scam called “phone phreaking” or simply “phreaking”. This form of hacking used machine-driven audible tones to manipulate telephone systems into making free phone calls around the world. By the late 1990s, hackers began using email lures to “fish” for passwords and financial data from unsuspecting internet users. They coined the phrase “phishing” as an homage to their criminal predecessors of the 1970s.Over the past two decades, phishing has become increasingly sophisticated, pervasive, targeted, and costly. In 2022 alone, the IC3 reported losses of $52 million due to phishing attacks. It’s worth noting that unreported losses from such incidents are significantly higher. That’s why it’s crucial to stay informed about the latest phishing techniques and safeguard yourself against these threats.
Types of Phishing Attacks
Email Phishing: Attackers send fraudulent emails that mimic reputable sources, such as banks, government agencies, or popular online services. These emails often create a sense of urgency, urging recipients to click on malicious links or provide personal information.
Spear Phishing: This targeted approach focuses on specific individuals or organizations. Cybercriminals gather personal information to craft tailored messages that appear authentic. They often impersonate colleagues, vendors, or clients to manipulate victims into revealing sensitive data.
Smishing and Vishing: Phishing attacks have extended beyond emails. "Smishing" refers to fraudulent text messages, while "vishing" occurs through voice calls. These tactics rely on social engineering to deceive victims into sharing personal information or clicking on malicious links.
Avoid and Identify Phishing Attempts
Stay Vigilant: Be cautious of unsolicited emails, especially those requesting sensitive information or containing urgent requests. Look for signs of poor grammar, generic greetings, or email addresses that don't match the claimed sender.
Verify the Source: Before sharing any personal or financial information, independently verify the legitimacy of the email or message. Contact the organization directly through their official website or customer service channels to confirm the request's authenticity.
Be Wary of Links and Attachments: Hover over hyperlinks to reveal their true destination before clicking. Avoid downloading attachments or files from untrusted sources, as they may contain malware or ransomware.
Strengthen Passwords and Enable Two-Factor Authentication: Use unique, complex passwords for each online account. Enable two-factor authentication whenever possible, adding an extra layer of security to your accounts.
Keep Software Updated: Regularly update your operating system, web browsers, and antivirus software. Software updates often include security patches that help protect against known vulnerabilities.
Educate Yourself and Others: Stay informed about the latest phishing techniques and trends. Share knowledge with friends, family, and colleagues to raise awareness and help them avoid falling victim to phishing attacks.
Remember, if you feel that you are at risk of identity theft, make sure that you have activated credit monitoring. This will alert you as quickly as possible to credit fraud. Also, be vigilant in watching your checking account transactions. Watch for suspicious postal mail that may indicate fraudulent accounts were opened in your name.
If you suspect that your identity has been stolen, it's important to take action immediately. As a Smarter, Smart or Fresh Start checking account holder, you have access to identity protection benefits. Our identity theft protection specialists are trained to fully manage your identity recovery and are standing by to help.