• Home
  • IT
  • Spearfishing and Whaling: How To Protect Against Phishing Scams

Spearfishing and Whaling: How To Protect Against Phishing Scams

Phishing scams typically come from email messages – and it can affect your desktop, laptop, tablet, or smartphone. Phishing scams work by enticing you to click a link in an email message, bringing you to an incredulous website. There, the website will force you or encourage you to divulge private information, like your full name, address, or sensitive financial data. Then the person on the other side of the website will be able to use your private information for their use. Identity theft is a reality of using the Internet. However, by understanding how phishing scams work, you will be able to identify them and prevent them from being a problem. 

There Is More Than One Type of Phishing Scam

As more people are becoming more aware of phishing scams, the scams have become more sophisticated and sinister. “Spearfishing” tends to be hyper-focused on an individual. With spearfishing, the perpetrators will gather relevant, public information about the target to create an email message that is highly personable. This is made to encourage the target to click through, and give away sensitive information. Spearfishing tends to occur with people who have influence and/or are popular in a particular niche. Whaling tend to focus on businessmen, government officials, or celebrities.

Avoiding Phishing Scams: Whaling, and Spearfishing.

Be very suspicious of a perceived accredited organization that ask for private information. A verified school, institution, or governing body will never ask for private information over email. Many times perpetrators of phishing scams will use an email that is very similar to an organization. However, upon closer inspection, you will see that the email will have different letters to try to pass for the actual institution. Perpetrators do this in the hopes that you will not be able to identify the mistake in their email address. Never reply to a link in an email if you think the message is fraudulent. If a phishing scam is trying to pass off as an accredited institution, type the URL of the school or governing body into a search engine and contact an administrator. Inform them that you have received an email from them that is asking for private information. Ask them if this is a verified email message, and if you need to carry out the action in the email.

Be very suspicious of emails from unrecognized email addresses. Many modern email platforms have noted the urgency of scam protection. Email message platforms like Gmail know how fraudsters trick Internet users into submitting private and personal information. Many of these platforms have powerful and effective filters, allowing you to never see a fraudulent email. However, sophisticated attempts will sometimes bypass filter algorithms. If you receive an email message from an unrecognized email address, type in the email address into a search engine. A lot of the times phishing scammers tend to target many people at once. You might be able to see if other individuals have been targeted by this phishing scam and the prevalence of it. Many phishing scammers will try to use brute force by finding you into submitting private information. If you think you are subject to a whaling scam and have perceived the email message as a personal attack, contact authorities immediately.

Many websites utilize security certificates and parameters to foster a sense of trust with online visitors. When conducting an online transaction, a secure website will use HTTPS in the URL. This is a secure protocol that will encrypt private information sent through the web. Be wary of websites that do not have this prefix in their URL. Some phishing scammers will utilize a pop-up in the email message to encourage people to submit information. Never enter personal information on a pop-up screen, and do not click on any links or images.

One of the more effective ways that you can protect your computer and personal devices from phishing scams and viruses is via the use of an antivirus and anti-spyware program. There are many security suites that will monitor your email for you, protecting you from deceitful messages. Take the habit of regularly executing an anti-spyware scan to remove viruses. Contact us to learn more about customized solutions for small and midsized businesses. Follow us at @bwstechnologies.