Sorted header abstract pattern
Sort my 6 Steps Tools Guides Blog More
Search Icon search small

back iconBack

Start here

Sort my...
A man and woman are walking together outdoors and looking happy

back iconBack

Start here

6 steps to get your money Sorted

back iconBack

All tools

Tools

back iconBack

View all

back iconBack

View all

back iconBack

More Sorted Info

Blogs
View all

Scam alert

Gone spear phishing

28 November 2017
Reading time: 3 minutes


Posted by Tom Hartmann , 0 Comments

Many times what connects us gets used against us. With so much of the world using email, it’s unfortunately become the weapon of choice for fraudsters. Last year, for instance, one in 131 emails contained nasty malware, the highest it’s been in five years.

Since this week is Cyber Smart Week, it’s time to shore up our defences.

Hopefully all of us by now are familiar with “phishing”, where the scammers cast their nets far and wide in the hope that someone they email will click a fake link or open a malicious attachment. They’re aiming to reel in our private details, like credit card numbers or passwords. Globally, phishing scams have been a bit in decline recently, so perhaps we are more on our guards and they’re becoming less effective.

Or they’re getting more sophisticated.

Heard of spear phishing?

That’s when phishing scams target a specific organisation, such as your business, bank or a familiar brand you use. Last year spear-phishing emails targeted more than 400 businesses every day, draining $3 billion over the last three years.

Imagine if you received a fake email from your bank asking for a transfer of funds or information. You’re more likely to consider the request to be legit.

Spear phishing can also happen to you while you’re working. These kinds of scam emails are typically sent during the work week, and often have subject lines like “Request”, “Payment” or “Urgent”.

These email scams deploy many of the same persuasion tactics that scammers typically use. “They’re using that sense of urgency to make us act,” explains the Commission for Financial Capability’s fraud expert Bronwyn Groot.

Another example of spear phishing can happen when you are working with a familiar brand like Google. When you’re prompted to login, you might not think twice about popping in your password. If you’re then redirected by the scammers somewhere else, you’re effectively handing over the keys to all your emails and contacts. Last year Google users were targeted and an estimated one million accounts were affected.

With spear phishing, that urgency is even more dialled up because it’s coming from your organisation, bank or your brand. But what if it’s coming from your boss?

Then there’s whaling.

“Whaling” is another kind of phishing that’s even more specific – the scam email is pretending to be from your boss or senior management. Here scammers are harnessing the power of authority to get us to act. When it’s a note from the CE, people tend to pay attention.

As is typical with scam emails, they tend to be short and to the point, often containing spelling errors that would usually raise a red flag. But when they’re paired with a sense of urgency, and they come directly from someone in power, we might explain those errors to ourselves as the boss simply being busy or in a rush. And that’s when we take the bait.

Take advantage of Cyber Smart Week to shore up your defences – and stay safe out there!

Comments (0)

Comments

No one has commented on this page yet.

RSS feed for comments on this page | RSS feed for all comments

Tags
Kids and money Budgeting Goals Scam alert Money mindset KiwiSaver Managing debt Money tips Investing

Recent Comments

Who’s teaching your daughter (or niece, or granddaughter) about money?
1 Comment

My Money Sorted: Hilary Barry
2 Comments

My Money Sorted: Ben
3 Comments

My Money Sorted: Daniel
1 Comment

8 ways to hack Christmas when you’re stretching the budget
6 Comments

6 ways to shop smarter this Black Friday
1 Comment

sign up bar pattern
sign up bar icon

Want help with your money coming straight to your inbox? Sign up to Sorted.