No Phishing Allowed!
Most of my customers are reasonably aware of why they have an anti-virus program installed on their computers.
Few are up to speed on the multitude of other malware (an acronym for “malicious software”) lurking around every corner of the internet and what’s required to combat these attacks.
Even fewer realize that one of the most dangerous villains in Cybercrime is known as “phishing”.
When I conduct my tutoring sessions, whether it be in a group or one-on-one, I try to be as thorough as possible in explaining the differences between the above risks to your computer’s functionality and your personal security.
The individuals who create and distribute computer viruses have pretty much figured out that most people nowadays are reasonably protected by running anti-virus software of one form or another on their computers. Whether it’s a paid subscription to one of the most recognizable brands: Norton, McAfee, or any number of free versions of programs available like AVG Free, Bitdefender & Kaspersky.
Windows has included its own built-in security cop since Vista, now called Microsoft Defender…which incorporated components of Microsoft Security Essentials and became or more robust program than it was when first introduced, but it still falls well short of complete protection compared to the programs I mentioned above.
With many of their nasty minions blocked by these capable guardians, the ‘malware misfits’ had to come up with something that could somehow get around the software designed to keep them at bay.
So they began developing software that didn’t appear to act like a virus…that didn’t have a virus “footprint” if you will.
Ransomware, key loggers, adware, worms, rootkits…the list goes on.
Basically this malicious programming became increasingly more complex and able to quietly walk in the front door of computers right under the noses of our ‘security guards’ by flashing credentials in much the same manner as we did as teenagers using false IDs to get into the local bars.
In this ongoing cat-and-mouse game between the bad guys and the security software programmers, it wasn’t long before “anti-malware” programs entered the fight. Programs dedicated to sniffing out these unruly teens with forged ID cards are now readily available…although many computer users aren’t aware of them, or why they might need them as well as an antivirus program.
Malwarebytes Free is an excellent choice in my opinion. It’s up to the task of seeking out those intruders trying to circumvent your anti-virus software.
But for the intent of this article, I’d like to talk a little about that third bit of nasty business: “phishing”.
No this isn’t street slang for the fleet of lobster boats dropping their traps just off shore at this time of year.
And this particular type of internet scariness can truly only be countered by the security software hard-wired between our ears. That ‘spidey-sense’ we get when something doesn’t quite ring true. That quiet warning that goes off when something smells…well, phishy.
The people who perpetrate these crimes have perfected a technique of “social engineering” where an email message, Facebook link or other notification appears to be a genuine request to update your personal information by convincing you to “click here” to fill out the pertinent details.
Sometimes there’s a threat of punishment, such as being suspended from accessing your account, or even your computer if this message is ignored. (Ransomware.)
Then of course there’s the classic request to send money to cover legal fees in order to collect an inheritance from some long lost, great great grandmother’s wealthy third cousin Abu Bakr in Nigeria you never knew you had.
Job seekers are particular vulnerable to these scams. They respond to a virtual position posted on a job board which promises somewhat believable wages only to be led into a trap designed to get you to electronically deposit a check to your bank account. The check will be for home office equipment to get you up and running but it will be for much more than needed. The scammers will then ask you to send the surplus back to them electronically. Once the bank realizes that the check is bogus, it’s too late and you’re on the hook for the whole amount…and the criminals have already cashed out on their end before vanishing.
You see, for most of us, just reading this has sent a little wave of heeby-jeebies running down the back of our necks while those alarm bells start to ring in our ears.
But the game here, for these shadowy thieves, is just numbers.
Having the door slammed in their faces by thousands of potential victims means absolutely nothing to them.
These baited hooks are dragged all over the vast ocean (internet) with the expectation that only a small percentage of ‘fish’ will actually bite at what they’re offering.
And that’s all it takes. If just one out of thousands & thousands of hooks brings aboard a big enough fish, or even a few smaller ones, they’ve met their quota. They’re on their way to stealing a person’s banking info/credit card number/passwords…and they’ve made their score and never had to leave the comfort of the rock they live under.
Most times the software these criminals use to generate their phony messages is entirely automated. Once the fake websites or mass emails are in place, the messages are sent out with the push of a button and they can carry on with their lives and wait for ‘bites’.
So the bottom line; although we can arm ourselves with anti-virus and anti-malware software in the battle against these threats…our built-in BS detector…our sense of caution over curiosity, are the only things we can rely on when it comes to phishing attempts.
A good rule of thumb to follow when you’re checking emails or staying updated with your friends on Facebook…unless you’re absolutely, positively 100% sure where a particular message originated, leave it alone. Even if you DO know that you have an Uncle Abu Bakr and you think you met him at the family reunion 10 summers ago, and he really needs to know your bank card number & photo of your drivers’ license…tell him: No way Abu!
Don’t worry about disappointing him. He’ll move on to the next target in a heartbeat.
If you would like to learn more about fraud online, I recommend that you check out the Canadian Anti-Fraud Centre website.
**Acknowledgement: This article was written by Dean R Karkling with image generated by A.I.**
