Top Phishing Scams & Types We’re Seeing in 2022
Top Phishing Scams of 2022
Phishing remains the most popular cybercrime suffered by U.S. businesses and individuals. The criminals typically use social engineering to trick victims into giving out sensitive information by masquerading as a trusted source. They then use or sell the information to enrich themselves or plan a more sophisticated scam.
Luckily, most phishing scams and their variations are easily identifiable and preventable with the right level of awareness and knowledge. Here are popular phishing scams we’re seeing in 2022 and how you can keep yourself safe.
Spear Phishing
A spear-phishing attack is a more targeted form of email phishing directed at a specific individual. Cybercriminals gather information about the victim from publicly available sources, such as social media platforms.
Armed with personal information, the scammers address victims by name, tricking them into opening a malicious attachment or link. Due to the well-crafted effort and realistic phrasing of the email, spear phishing scams are extremely difficult to identify.
Keeping Safe: Beware of unusual requests, especially emails from your superiors. Avoid downloading attachments you haven’t requested, and treat any attempts to gain your trust with suspicion.
Voice Phishing
Vishing or voice phishing is a reinvention of the classical spam call scam. It has seen a steady rise, so much so that the FBI sounded the alarm. Cybercriminals spoof caller IDs on VoIP phones, masquerading as family members, friends, government officials, and more.
The scammers attempt to push the victim to give out valuable information. The trick often involves creating urgency or authoritative threats that prevent the target from thinking straight.
Keeping Safe: Hang up any suspicious calls. Never visit any website provided over the phone or share any sensitive information over a call.
Business Email Compromise (BEC)
BECs are complex phishing scams that target businesses or individuals responsible for finances. Criminals gain access to an executive’s account or impersonate one and send internal requests to junior employees.
The scammers use social engineering or sophisticated computer intrusion techniques to wire funds to their accounts, defrauding businesses.
Keeping Safe: When processing large sums, an unusual sense of urgency should raise the alarm. Additionally, show wariness towards transaction requests without any legal correspondence.
Social Media Phishing
Social media platforms have become a favorite for cybercriminals wanting to launch large-scale phishing scams. Most profiles contain so much personal information that attackers can use it to sell themselves as trusted sources.
You may receive links, pictures, videos, surveys, and comments that send you to malicious websites that steal sensitive information.
Keeping Safe: Don’t click on suspicious links, even from friends or family. Their accounts are possibly hacked. Stay alert on messages or requests from unknown individuals.
Crypto Phishing Scams
The crypto crazy has provided a novel avenue for cybercriminals to launch phishing attacks. With a large percentage of the population still oblivious to blockchain technology, scammers can create clone websites and fake coin apps to collect personal information from unsuspecting visitors.
A common scam involves spoofing tweets from well-known crypto promoters to infiltrate their communities before laying a trap for ignorant victims.
Keeping Safe: Use your judgment. If the deal sounds too good, it is probably a scam. Beware of ads calling for investing in novel coins.
Search Engine Phishing
Scammers create legitimate pages on search engines, such as Google and Bing, and use high-value keywords to rank higher. Unsuspecting victims click on links to these websites where they share their personal information, completing the attack.
The pages often contain fake scholarships, job offers, discount coupons, or dating matches. With free SSL certificates, most of these sites can seem legitimate.
Keeping Safe: Look for one-in-a-lifetime offers that may entice you to click on suspicious links. Poorly-designed websites are also a major red flag.
Clone Phishing
Web fraudsters can also clone or spoof popular websites to entice visitors to share their personal information. Fake websites often contain similar features to the original, including logos, texts, and images. Health, banking, and social media sites are some popular cloning targets for cybercriminals, as they often include vital personal information.
Keeping Safe: Check for URL misspellings. Web design errors, such as pixelated logos, are also a giveaway.
Staying Safe While Online
Phishing scams can have huge financial and reputational ramifications. Proper cybersecurity practices and diligence can help thwart most of these risks in their infancy. Taking a proactive approach can help keep you and your important information safe.