Phishing, Vishing, Smishing…and Pharming.
Sound like fun? Think again!

We all know what a big part the internet plays in our modern-day lives. Let’s face it, most of us simply can’t live without it. It seems like everything we do revolves around the world-wide web. From shopping and paying bills, to watching movies and playing games. But its not all fun and games because lurking within the technology are scammers waiting to pounce and wreak havoc on us all.

Fraudsters and their means of gathering the information they want are coming up with new ways of baiting their prey. What used to be strictly computer-based hacking has evolved into other means of communication. We’ll break down each one for you as simply as we can.

Phishing – this is the most common attack. You may have heard of it, or maybe even been a victim. Just like it sounds, hackers ‘fish’ for your personal information…by means of an email. The email, to the untrained eye, appears to have been sent from a legitimate source such as a bank/financial institution, a government agency, or another well-known and reputable entity. The message delivers a sense of urgency, driving the recipient to submit or verify their personal information by following a link that is embedded in the email. When the recipient clicks on that link, they are redirected to a fraudulent site which belongs to the scammer. Upon entering the fraudulent site, the user may be asked to provide passwords, account numbers, social-security numbers and other personal and confidential information which is, basically, their identity. Once all that information is given, the scammers quickly act towards accessing your bank accounts and e-wallets, and ultimately stealing your money.

Vishing – like phishing, just add a voice. Vishing scammers (vishers) will entice their victims to ‘hand over’ their personal information via a phone call. For example, the visher will place a call to your home or cell phone pretending to be a bank employee, or a credit card/financial institution employee. They might tell you that your card is in danger of being blocked unless specific information is provided, such as the account number, the CVV code, etc.  Or they might offer a lower interest rate for your card because you’re currently paying too high an interest rate, and they can help get it lowered. All you need to do is give them your account number and CVV code, and they’ll help you out. Yeah, right!  Have you ever heard of a credit card company calling you to offer you a better rate?  The odds of that happening are pretty much zero!

Smishing – scammers have now crept into our hands with this latest version of hacking. Smishing adds the ‘sms’ factor to phishing. Smishing scammers (let’s call them ‘smishers’) will send a text message to your phone, with the intent of luring you to follow a malicious link. As with phishing, the smish message can appear to be from a well-known financial institution, or it might even play on your emotions and tell you you’ve just won a prize vacation….or the lottery. Wouldn’t that be nice? Don’t fall for it!
Pharming – Plain and simple, pharming redirects users to a third-party website. Pharming scammers (let’s call them ‘pharmers’) will usually set their sights to online banking or other money-transferring and payment systems. By using the DNS cache on the end-user’s device or the provider’s network equipment, they can cleverly substitute the original website for a fraudulent one. Once the victim is baited to the fraudulent site and authorizes a specific resource, the virus will instantly become active and do its damage.
Currently, it is difficult to detect pharming and therefore difficult to keep safe and secure from it.

So, how can you protect yourself from Phishing, Vishing, Smishing and Pharming? Here are a few rules of thumb:
  • Don’t open emails from unknown sources. Be aware of the sender’s name and the subject of the  message. Delete those that look suspicious.
  • Don’t click on links in emails that you aren’t expecting.
  • Don’t reply to messages that request personal information.
  • Don’t trust unsolicited phone calls.
  • Look for typos and mistakes in the body of the email and/or texts; this is an indication that it is a hoax.
  • Files that have the following extensions can install malicious software, don’t open them. (.zip, .bat, .reg, .msi, .vbs, and of course .com).
  • Don’t download software from unfamiliar websites.
  • Don’t use unlicensed software.
The goal of these types of internet fraud is to gather your personal and confidential information. While they are all similar in tactic, the way they operate is different.  However, protecting yourself from all requires attention to detail, common sense, solid user training and a great IT team to keep you “in the know”. If you need one, we can help!