Thursday, October 10, 2013

Sex, Money, and Friendship: Phishing Bait that Works

phishing, scam, email, fraud
In a recent study by TNS Global, 30% of the 1000 polled said they would open a general phishing email even if they thought it had a virus. And if the phishing emails are crafted to be especially enticing, then the percentage is even higher.

Wait...what?

Evidently, a simple email click is still awfully hard to protect against. Even though we all know what to do (and what not to do) a compelling email can throw good sense out the window and even the most educated people can fall for it. According to the study, this is especially true if the email tempts women with social networking invites (interesting) or tempts men with money, power and sex (yeah, no kidding).



Phishing Needs the Right Bait


While it may seem like we should be past this now—the temptation to click links in phishing emails—part of the problem is a perceived lack of consequences. Everyone has experienced the accidental “Click….oops….uh oh” scenario. But a week later, when your financial world has not come crashing down due to rampant identity theft, you breathe a sigh of relief and forget all about that little click. And you might worry a little bit less the next time you’re faced with a “to click or not click” dilemma.

Yet, phishing email recipients do not always recognize or even experience the less obvious consequences of a successful phishing attempt. The truth is that fraudulent emails carry viruses, load spyware, harvest personal information, load malware or even just do irreparable damage to your computer.

Far too many people fail to connect the opening of emails and clicking of fraudulent links to their most annoying computer problems, which can include slow computer performance, slow internet response, SPAM blasts from “you” to friends or other contact lists, obnoxious pop-ups in and out of web browsers, blue screens, OS freezing, software malfunctions….I could go on and on. And often the more serious consequences—like compromised passwords or corrupted data—can go unnoticed until long after identity theft and fraud has begun.

This article shows that even savvy people click on nefarious links every once in a while. So, tip #1: STOP CLICKING ON EMAIL LINKS. And if by some chance, that message gets past you and you click by mistake, here’s tip #2: don’t assume everything’s all right based on a lack of immediate consequences. Be extra cautious and take extra precautions, just in case.

More about Phishing