How To Recognize and Avoid Phishing Scams | Explained

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
[Music] imagine one day out of the blue you receive an email from none other than the u.s department of justice this email contains a summon to the court threatening an immediate arrest for non-compliance that said there's not mentioned as well a link to a submit a petition letter to raise a dispute but if you click this link the hook is already sunk you are now a victim of a phishing attack cyber news explained [Music] have fishing explained and to make you dodge the hook that's why i'm here so what is fishing to give you a textbook definition phishing is a social engineering attack used to steal user data and what i just described above is known as an email phishing attack but what is a phishing email then and what are its usual characteristics first of all things impersonation of an authoritative figure a phishing email would capitalize on the authority of the organization or person asking you to do something and it's often paired with a sense of urgency forcing its victim to act immediately often without thinking first this case with the court is a striking example of that by trying to access the lincoln efficient email you'll get to a different website that will look the same work the same and even might have legitimate security measures and protocols in place only minor things like a difference in the web address can lead you to recognizing a fake but if you don't succeed at phishing attack prevention and try to log into the fake website this website will forward your details to the cyber criminals who are now in control of your personal information however email security threats are not limited to the scenario in the first quarter of this year hackers massively impersonated dhl sending out millions of emails about a package that was about to be delivered of course some victims didn't order anything at all but if you'll buy curiosity they would download an attached file anyways now this will pave the road for a trojan virus which is capable of taking control of the entire computer including all of the data stored on it but the dhl case as widespread and effective as it is is not even in the top 10 of the most impersonated brands what is the first place you might ask well it's oh it looks like you have a message go ahead i'll read it i'll awake congratulations you are on the hook facebook alongside of the social media is this year's most impersonated brand by itself facebook phishing contributes 14 of the fake websites used by cyber criminals which rises to 24 once all other platforms join in with 2.8 billion users facebook is a gold mine for cyber criminals fake emails asking users to change their password are usually the most popular example of facebook scams employed to steal user data however can also entice users with messages containing keywords and images associated with major contemporary events last year coronavirus was one of the most used topics and right now it is the war in ukraine so let's say you fell for it your name and personal details are now known to a seasoned criminal what's the worst that could happen oh you have no idea so the first thing a criminal would do is request new account pins and remake your bank cards remotely using banking details in your social security number then they would also extract or use all available resources you keep in banks and that would be just beginning identity fraud is highly possible as the information you forfeited can be used to request a new passport driver's license and much more and with those nothing stops criminals from taking credits from microfinance organizations racking up hundreds of thousands of dollars in credit card debt in a single moment you can lose all of your funds and rack up an insurmountable debt that's how fishing works but that's the worst case scenario many victims would probably suffer less probably having their accounts hijacked and then used for further impersonation scams to extract money or information from their social circle rinse and repeat in that scenario a phishing attack is like a spear breaking through your defense and delivering a deep wound that's ironic since the most devastating type of fishing attacks is called spearfishing as opposed to the email phishing this time the target is not a random user of a social media site or potential dhl client target for the spear phishing is researched beforehand so that the scam message will be specifically crafted for them impersonating closest friends family or business clients and partners sometimes the victim would be part of an organization and the attack would include an immense amount of background research to identify the power structure and hierarchy within that company then out of nowhere a low-rank clerk gets an email from one of the executives asking to sign a document and send back a signed copy with research done right an employee won't even notice that this email is sent from a slightly different address and will personally hand the corporate stamp and signature to the cyber criminals that's what actually happened to a belgian creland bank where one of the employees submitted the ceo stamp and signature to a fake email giving hackers enough resources to forge accurate transfer documents these documents were so realistic that each one was approved by the financial department without any issues costing krillin bank 75.8 million dollars in total while undoubtedly rarer than personal attacks such phishing scams have already cost multiple businesses from google and facebook to sony pictures millions of dollars of financial reputational and sometimes even physical damage the problem with phishing attacks is their unpredictability that employee of the kreeln bank never expected a criminal to pose as their boss and a normal citizen of the u.s will be pretty shocked to find out an email from a supreme court could be completely fake now it might be really hard to learn how to spot phishing attempts without falling into a paranoid state the best you can do to keep yourself safe is to stay vigilant and avoid revealing any of your personal details online especially on links included in personal emails if you do have something to fill in instead of clicking the attached link visit the website manually fake websites often look just like the real thing but if you access a website manually you can at least be sure you're revisiting the real thing now the same degree of vigilance should apply to text files archives and even images attached to emails as they can contain malware capable of injecting itself into your device and taking your details by force be careful of these scams and if possible prevent automatic loading of messages in your mailbox or even better use a secure email gateway with regular maintenance of filters against spam and malware this may prevent phishing scams or at least some of them that's the best you can do for now without getting too technical but you can subscribe to this channel since i might make a detailed tutorial on how to make your mailbox fishing proof and trust me you might want to see that but let's just say your best effort was insufficient what should you do after a fishing attack has already affected you first and foremost contact the police this is a cyber crime with a legitimate threat to your livelihood and there's nothing wrong about treating it as such then make sure to close or cancel all compromised bank accounts while explaining to the employees that your security was breached if you have compromised your passport it will have to be released as well in general every password document or account that was leaked has to be replaced or reinforced with additional security methods such as multi-factor authentication but there are no exceptions now to summarize phishing is not a joke fake emails and websites can cause tremendous damage to individuals and huge companies and little can be done to remediate the harm so the main thing you can do is prevent phishing attacks from ever taking place i trust that now you know why we need phishing email awareness you might even identify a scam yourself thank you for watching and stay safe online
Info
Channel: CyberNews
Views: 31,836
Rating: undefined out of 5
Keywords: phishing scams, how phishing works, phishing explained, what is a phishing email, phishing attack prevention, how to spot phishing, facebook phishing, phishing, phishing attack, phishing attacks, prevent phishing scams, phishing email, phishing examples, phishing attack explained, what is phishing attack, facebook phishing attack, phishing attack example, what is a phishing attack, phishing attack explained 2022, phishing explained simply, cyber security, phishing basics
Id: Yz0PnAkeRiI
Channel Id: undefined
Length: 8min 54sec (534 seconds)
Published: Thu Jul 14 2022
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.