Spearphishing

Spear phishing is an email or electronic communications scam targeted towards a specific individual, organization or business. Although often intended to steal data for malicious purposes, cybercriminals may also intend to install malware on a targeted user’s computer.

 

In the past month, I have had one spearphishing attempt by email and one by phone (where they actually left a voice mail.) I have found that most phone spammers will not leave a voicemail.

The email was clumsily fashioned as an inquiry from one of my credit card providers saying that someone had attempted to use my credit card from an unrecognized device.  They offered a button on the email if I felt such an attempt had occurred.  Since I have heard from this credit card provider many times for just such an event (usually me from a different computer or tablet),  I knew that the font in the email was wrong as well as the language in the email.  Plus this credit card company has never offered a button within an email.

The phone call was equally suspect.  The caller on the voice mail never identified which company they represented, they used a local non 1-800 number, and they were vague about using Apple devices without knowing which Apple devices I do or do not use.

So far, this has only required a bit of commonsense and not responding immediately to an email or voicemail.

Both my father in law and my stepmother have or  had dementia.  This inability to pause before responding to a voicemail or an email is an early sign of dementia

I am not vain enough to say that I will never be caught by a spearfisher or even fake news, but pausing  to see:

  • Does this pass the commonsense test
  • Do I know this person or provider
  • If I do know this  person or provider, does it resemble normal communications
  • For email, has my malware and security systems vetted  the email
  • Am I able to vet  the information from a second source or by checking with  Snopes or another urban legend source
  • Does the URL match the actual organization link or is the logo authentic

Can make a difference in taking the bait and getting hooked or not.

 

12 thoughts on “Spearphishing”

  1. In the past two months, I have received three emails from friends asking for help with gift cards for a nephew/relative. In all three instances, I called the friend, and sure enough, they had been scammed. One friend said that I was the 15th caller to report it, and one friend completely deleted her email account and started a new one.

    Liked by 3 people

  2. You are right,.Bonnie. Thanks for bringing this type of scam up. I got something similar from an acquaintance (I wouldn’t really call her a friend) asking me to buy a $200 gift card on Amazon as a birthday present for her niece. I told her I couldn’t. She then replied and wanted me to buy a gift card for Sephora at the grocery store. I again told I couldn’t. I have not communicated with her since and do not feel the same way about her at all. Unless it really was not her, but it was her email. Since then, I’ve heard from her a few times since about our read and critique group. Maybe I should ask her if she really did send that email since you have identified this as a scam.

    Liked by 1 person

  3. Wow! That sounds nasty! I’ve never had anything like that happen, just the normal run of annoying robocalls that we all get. I can believe that a scam like this would be easy to fall for, coming apparently from a trusted friend. My spam filter snares a lot of real junk, but something like this would slide right through. Thanks for the alert!

    Liked by 2 people

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.