RELATED
Fraud, Scams, Identity Theft Costing Canadians Millions
Fraud, Scams, Identity Theft Costing Canadians Millions
0
Global Q&A: 'Do you take precautions against identity theft?'
Global Q&A: 'Do you take precautions against identity theft?'
0
(weerapatkiatdumrong/iStock)
(weerapatkiatdumrong/iStock)
Tech

How to Avoid Getting Hooked by a Festive Season Phishing Scam

By Martin Butler and Rika Butler
December 23, 2015 Updated: December 27, 2015
FONT BFONT SText size
Print

Email phishing attacks are especially popular over the festive season, partly because there’s an increase in email marketing and special offers linked to the holidays.

During the fourth quarter of 2014, for instance, the number of unique phishing attacks globally went up by 18% compared with the third quarter that year, according to the Anti-Phishing Working Group.

A total of 437 brands were targeted and 46,824 unique phishing websites were reported, the majority of them hosted in the US. The most-targeted industries for phishing attacks are retail/service, financial services and payment services.

It seems that during the Christmas period people are probably more likely to respond to these offers. They also appear willing to spend more money than usual. This creates a perfect opportunity for cyber criminals to hook their bait.

But what is phishing and why does it happen? And how can people guard against it?

Identity Theft

To begin with, it’s important to understand the practice that lies at the heart of phishing: identity theft. This is a form of fraud in which one person pretends to be someone else to illegitimately benefit at the victim’s expense.

Cyber criminals usually acquire the information that they need by stealing a wallet, going through mail, or dumpster diving. They also target organisations that are in possession of sensitive private information by stealing IDs, back-ups or documentation.

In the US in 2014 there was one new victim of identity theft every two seconds.

In South Africa, identity theft losses amount to more than R1 billion annually according to the Southern African Fraud Prevention Services. In 2014, 3600 cases were reported and it believes that more than 4000 cases would be reported by the end of 2015.

In the anonymous world of the internet, individuals are uniquely identified by account numbers and passwords which form the basis of online authentication.

Online identity theft happens when a victim’s online identity is stolen by cyber criminals and used for unauthorised purposes that cause financial losses to the victim. Email phishing attacks are an increasingly popular and sophisticated method that cyber criminals employ to get the information they require to commit online identity theft.

Phishing

Phishing is an online identity theft method in which spoofed emails are sent out to lure recipients through embedded hyperlinks to fraudulent websites. Here, cyber criminals attempt to trick online users into divulging personal financial data like passwords and account numbers.

Related Coverage
Finally: A Service That Lets You Charge People to Email You

Initially phishing emails and the associated bogus websites where mostly masked as coming from financial services institutions. These were easily identifiable because of poor language and grammar or non-authentic looking copies of websites.

But this is no longer the case. As users grew more sophisticated, so too did cyber criminals. In recent years they have begun targeting a wider set of industries, using more authentic looking emails and websites.

A Possible Solution?

Well-planned phishing websites fool more than 90% of respondents, while 23% do not notice browser-based security warnings and indicators and 15% ignore these warnings, according to a Harvard University study. Researchers found no correlation between victims’ vulnerability and their gender, age, education levels or computer experience.

Related Coverage
How to Avoid Getting Hooked by a Festive Season Phishing ScamSmart New Gmail Inbox Feature Replies to Your Emails Automatically

Keeping yourself abreast of phishing trends is useful. Research recommends these anti-phishing measures as first steps to protect your online privacy:

  • be cautious with emails and confidential information;

  • look for indications that browsers and websites are secure and legitimate;

  • employ available security measures; and

  • keep in mind that when an offer appears too good to be true, it probably is.

We are doing new research to find out how people view the threat of phishing and what steps they take to avoid phishing. The information will help us find ways to improve online security.

Whether you think you’re vulnerable to phishing, believe you’re well protected or genuinely have no idea, you can contribute to this research by clicking here to complete the survey.The Conversation

Rika Butler, Associate Professor in Auditing at the School of Accountancy, Stellenbosch University and Martin Butler, Senior Lecturer in Business Management and Administration, Stellenbosch University

This article was previously published on The Conversation.

TOP NEWS
Hospital Director in Coronavirus Epicenter Wuhan Dies of Infection
Inside China
Hospital Director in Coronavirus Epicenter Wuhan Dies of Infection
0
Coronavirus Live Updates: 88 More New Infections on Cruise Ship in Japan
Coronavirus Outbreak
Coronavirus Live Updates: 88 More New Infections on Cruise Ship in Japan
0
Denny Hamlin Wins 3rd Daytona 500; Ryan Newman Hospitalized
Sports
Denny Hamlin Wins 3rd Daytona 500; Ryan Newman Hospitalized
0
Arab World’s First Nuclear Power Plant Gets Green Light in UAE
Middle East
Arab World’s First Nuclear Power Plant Gets Green Light in UAE
0
American Cruise Passengers Quarantined at US Military Bases
America
American Cruise Passengers Quarantined at US Military Bases
0
Apple Says Will Not Meet Revenue Guidance for March Quarter Due to Coronavirus Impact
America
Apple Says Will Not Meet Revenue Guidance for March Quarter Due to Coronavirus Impact
0