Spear phishing: when scammers know your personal information

This sophisticated new cyber scam is becoming increasingly common. Here’s how to avoid being harpooned by spear phishers.

Phishing has long been a way for criminals to con people into parting with personal details.

Now a new, more sophisticated con has been born – spear phishing – and it is catching out a lot of people.

Spear phishing is where you get an email from an individual or business that you know personally.

The email may be addressed to you by name, or mention a mutual friend, or a recent purchase you have made.

But, it is a con sent by criminals that have managed to find out some personal information about you, in order to make you more likely to fall for the con and part with your credit card number or bank account details.

Keep an eye on your credit report 

How they get your info

The criminals usually get their information about you from what you have posted online – either through your Facebook page, Twitter feed or other social media accounts.

For example, the fraudster may scan social media for your email address, friend list, and a recent post about your new camera you bought from an online retailer.

They will then email you posing as one of your friends and ask for your password for a photo site so they can see your new pictures.

If you respond with your password they’ll try to see if that password gets them into your account with the online retailer, if it does they’ll start spending your cash.

Or, they might email you pretending to be from the retailer asking you to reset your password or reconfirm your credit card details.

Keep an eye on your credit report 

How to stay safe

The first step is to take a look at your social media accounts and reassess your privacy settings.

Who can read what you post, or see your friend list? Change your settings so only friends, or people you approve, can see your accounts. And think twice about what you post in future.

Now take a look at your passwords.

Try to avoid using the same password for numerous accounts – that will stop spear phishers from being able to find out one password then use it to access lots of other accounts where they can spend your money, or empty your bank accounts.

Really you should have different – and I mean substantially different not just alternating numbers at the end of the same word – for all your online accounts.

Also, keep your computer’s anti-virus software up to date.

Some spear phishing emails can contain malware or direct you to a website or link that means you download Trojan horses onto your computer that allow the hacker to then monitor your key strokes so they can get your passwords and personal info.

Your security software can help protect you from malware, but only if you keep it up to date.

Finally, double check before handing out passwords or other personal info requested in emails, even if it seems to come from a person or company you trust.

Call them, or send a separate email, to check they are genuinely contacting you for that information.

Keep an eye on your credit report 

Stay safe! More scams to look out for:

Email scammers pretending to be from the Met

Don't fall for this supermarket voucher con

Cold call investment scam: how it works

Comments


Be the first to comment

Do you want to comment on this article? You need to be signed in for this feature

Copyright © lovemoney.com All rights reserved.

 

loveMONEY.com Financial Services Limited is authorised and regulated by the Financial Conduct Authority (FCA) with Firm Reference Number (FRN): 479153.

loveMONEY.com is a company registered in England & Wales (Company Number: 7406028) with its registered address at First Floor Ridgeland House, 15 Carfax, Horsham, West Sussex, RH12 1DY, United Kingdom. loveMONEY.com Limited operates under the trading name of loveMONEY.com Financial Services Limited. We operate as a credit broker for consumer credit and do not lend directly. Our company maintains relationships with various affiliates and lenders, which we may promote within our editorial content in emails and on featured partner pages through affiliate links. Please note, that we may receive commission payments from some of the product and service providers featured on our website. In line with Consumer Duty regulations, we assess our partners to ensure they offer fair value, are transparent, and cater to the needs of all customers, including vulnerable groups. We continuously review our practices to ensure compliance with these standards. While we make every effort to ensure the accuracy and currency of our editorial content, users should independently verify information with their chosen product or service provider. This can be done by reviewing the product landing page information and the terms and conditions associated with the product. If you are uncertain whether a product is suitable, we strongly recommend seeking advice from a regulated independent financial advisor before applying for the products.