Phishing or social engineering attacks are increasingly being used by cyber criminals to trick internet users into revealing sensitive information – website login details, bank account or credit card details or personal data that forms part of your identity.
Phishing emails (note the ‘ph’) are designed to look official and may use an ‘urgent security alert’ or other reason for you to immediately visit a website to confirm your personal details.
Misspelt website addresses or URLs can be bought and set up to look similar to your bank website with copied logos and login forms the added touch that aims to convince you to enter your account login information.
A friend’s hacked email address can now be used to send highly convincing – but fake – appeals for emergency help or direct you off to ‘interesting’ video or photo content, perhaps involving a celebrity sex scandal.
Click the link in the email though and you may end up on a website designed to infect your computer if you haven’t fully patched the operating system and all software on it, particularly Java and Adobe Flash.
Even social networks have been affected by spam or malware links added via rogue apps or compromised accounts.