Sorted header abstract pattern
Sort my 6 Steps Tools Guides Blog Moreabout Sorted
Search Icon search small

back iconBack

Sort my...
A man and woman are walking together outdoors and looking happy

back iconBack

Start here

6 steps to get your money Sorted
6 steps to get your money Sorted

back iconBack

All tools

Tools

back iconBack

6 steps to getting your money sorted
Video

All videos

View all

back iconBack

View all

back iconBack

More Sorted Info

Blogs
View all

Scam alert

Gone spear phishing

28 November 2017
Reading time: 3 minutes


Posted by Tom Hartmann , 0 Comments

Many times what connects us gets used against us. With so much of the world using email, it’s unfortunately become the weapon of choice for fraudsters. Last year, for instance, one in 131 emails contained nasty malware, the highest it’s been in five years.

Since this week is Cyber Smart Week, it’s time to shore up our defences.

Hopefully all of us by now are familiar with “phishing”, where the scammers cast their nets far and wide in the hope that someone they email will click a fake link or open a malicious attachment. They’re aiming to reel in our private details, like credit card numbers or passwords. Globally, phishing scams have been a bit in decline recently, so perhaps we are more on our guards and they’re becoming less effective.

Or they’re getting more sophisticated.

Heard of spear phishing?

That’s when phishing scams target a specific organisation, such as your business, bank or a familiar brand you use. Last year spear-phishing emails targeted more than 400 businesses every day, draining $3 billion over the last three years.

Imagine if you received a fake email from your bank asking for a transfer of funds or information. You’re more likely to consider the request to be legit.

Spear phishing can also happen to you while you’re working. These kinds of scam emails are typically sent during the work week, and often have subject lines like “Request”, “Payment” or “Urgent”.

These email scams deploy many of the same persuasion tactics that scammers typically use. “They’re using that sense of urgency to make us act,” explains the Commission for Financial Capability’s fraud expert Bronwyn Groot.

Another example of spear phishing can happen when you are working with a familiar brand like Google. When you’re prompted to login, you might not think twice about popping in your password. If you’re then redirected by the scammers somewhere else, you’re effectively handing over the keys to all your emails and contacts. Last year Google users were targeted and an estimated one million accounts were affected.

With spear phishing, that urgency is even more dialled up because it’s coming from your organisation, bank or your brand. But what if it’s coming from your boss?

Then there’s whaling.

“Whaling” is another kind of phishing that’s even more specific – the scam email is pretending to be from your boss or senior management. Here scammers are harnessing the power of authority to get us to act. When it’s a note from the CE, people tend to pay attention.

As is typical with scam emails, they tend to be short and to the point, often containing spelling errors that would usually raise a red flag. But when they’re paired with a sense of urgency, and they come directly from someone in power, we might explain those errors to ourselves as the boss simply being busy or in a rush. And that’s when we take the bait.

Take advantage of Cyber Smart Week to shore up your defences – and stay safe out there!

Comments (0)

Comments

No one has commented on this page yet.

RSS feed for comments on this page | RSS feed for all comments

Tags
Scam alert

Recent Comments

My Money Sorted: Ema
3 Comments

Five ways to shop smarter this Black Friday
1 Comment

My Money Sorted: Charlie
1 Comment

What’s with insurance in 2024? Five things to do when your premiums surge
1 Comment

My Money Sorted: Gordon
1 Comment

Guided by Matariki, it’s the perfect time to think ahead
1 Comment