Types of Phishing: Voice Phishing and Spear Phishing and How to Protect Yourself

Phishing attacks are scams that are designed to steal your personal information and your identity. The word "phishing" began back in the mid 1990s when scammers began hacking into AOL accounts. The email messages appeared to come from the AOL service when in reality it came from the scammer. The email requested you to update your AOL information which tricked users into exposing sensitive information to the scammers. Phishing attacks then spread to PayPal, online websites, banking sites, and from there spread to voice phishing.

There are two relatively new forms of phishing attacks which are known as voice phishing and spear phishing:

Voice Phishing

Voice phishing is a new form of identity theft which tricks you into revealing personal information when the scammer replaces a website with a telephone number. The website is usually one that you visit frequently which the scammer can determine by installing spyware into your computer or by simply hacking the website to obtain information and email addresses.

The website sends you an email that looks like it is from the legitimate source and tells you to call a telephone number to verify your information. The message tricks you into revealing your information by saying that your account will be closed if you do not respond. When you call the number an audio response answers at the receiving end of the compromised telephone line and requests your personal information including your username and password to the website.

Generally it is difficult to track down these telephone numbers because the scammer uses software to cloak the telephone number when you try to trace the location of the scammer.

Spear Phishing

Spear phishing works like regular phishing except that it is highly targeted to a specific recipient. Spear phishing scammers can send emails to your email client that look like they came from your employer or other colleague that generally sends regular email messages to a company group on a routine basis. The email includes specifically targeted information about organizational issues that are familiar to the recipients.

The email message encourages you to click to open an attachment or enter a username and password. The spear phisher then downloads malware or some other kind of malicious software that spies on your computer activity and logs your keystrokes.

How to Protect Your PC and Yourself

  • Avoid Mass Emails: Avoid mailing out regular mass email to a group or organization which encourages clicking on links and attachments. Regular mailings encourage the recipients to accept this as a routine procedure and will make it difficult for them to differentiate between the real deal and the scammer.
  • Use Anti-Phishing Software: Add anti-phishing software to your Web browser and email clients because these are the platforms that phishing scams use to operate. Some antivirus programs such as McAfee employ a Site Advisor to help you determine whether or not a website or attachment is legitimate.
  • Non-Password Authentication: Use other means for identity authentication of the users that does not involve the use of a password when possible.
  • Phishing Education: Keep the recipients of your email educated on the latest phishing attacks and how to watch out for them. Explain to them what to do in the event of a phishing attack.

Log in or sign up to comment.

Post a comment

Log in or sign up to comment.
Identity theft comes in many forms.

A person\92s identity can be 'borrowed' for the purpose of creating fictional credit cards or a person\92s entire identity can be usurped to the point where they can have difficulty proving that they really are who they claim to be.

Up to 18% of identity theft victims take as long as four years to realize that their identity has been stolen.

There are many ways to protect your personal identity and many steps you can take to prevent your identity from being stolen:

*Never give out unnecessary personal information
*Never provide bank details or social security numbers over the Internet
*Always remain aware of who is standing behind you when you type in your personal credit codes at ATM machines and at supermarket checkout swipe machines.