Category Archives: Scam Alert

Spear Phishing: Targeted email attacks tough to spot

You may get really good at spotting the signs of regular phishing attempts: generic greetings, misspellings and typos, phony links, and dire consequences if you don’t act now. But that doesn’t mean it’s time to let down your guard, because you still may be the target of “spear phishing.”

Spear phishing attacks are targeted right at individual users. Spear phishing hackers target people based on their internet habits, their social media profiles, and their occupation. And they construct carefully targeted messages to break down your defenses. While there may be differences from traditional phishing and spear phishing, the goal of the scammers is the same: obtain your personal information, such as user names, passwords, and credit card information.

Remember, no reputable company or organization will ask you to confirm your account password or personal details via e-mail. When in doubt, contact the company directly to verify the legitimacy of an e-mail or request for information.

A spear phishing call comes from a specific individual or group claiming to be part of a company or organization that you know or frequent. Here is one example:

Hi Josephine, this is Al from Let’s Go Webinars. I’m excited to work with you on your social media sites!

First, I’ll need to make sure the tool you use to conduct webinars is configured correctly… Can you please provide me with your user name and password for Let’s Go Webinars?  I will also need your billing details for your latest subscription.

Spear phishers claim to know the people you work with, the websites you frequent, or the products or services that you recently purchased.

Criminals need some information about you in order to convince their victims that an e-mail is legitimate. They often obtain such information by hacking into a computer network or scanning websites, blogs, and social networking sites.

No more generic salutations, like “Dear Sir/Madam” or “Hello Cardholder.” Spear phishers know your name and maybe more!

Be aware of what you post online. The more information you give up on social media sites, support forums, and other public-facing sites, the more information spear phishers will have access to in order to gain your trust and confidence.

Here are some more examples:

            

Report Spear Phishing Attacks
If you receive a spear phishing email or text message, report it. The information you give can help fight the scammers.

If you receive a phishing email, forward it to the FTC at spam@uce.gov and to the Anti-Phishing Working Group at reportphishing@apwg.org. If you got a phishing text message, forward it to SPAM (7726). Also, report the phishing attack to the FTC at ftc.gov/complaint.

Tips for donors to avoid scam calls, crowdfunding sites

Hurricane season officially kicks off June 1, which means hurricanes, tornados, fires, and other natural disasters will be in the news. While it’s heartbreaking to see people lose their homes and businesses, it’s more appalling when scammers exploit such tragedies to appeal to your sense of generosity. The FTC shared some tips for making sure… Continue Reading

‘Jailbroken’ streaming devices and apps are Trojan Horses for malware

‘Jailbroken’ streaming devices and apps are Trojan Horses for malware

The latest entertainment scams are just like Trojan Horses—you invite them into your home thinking they’re something awesome, but they actually mean you harm. Back in the old days (in 2017), you “just” had to worry about downloading pirated content you found on the internet because it could contain malware. Now, scammers are selling devices… Continue Reading

Personalized email scams on the rise

Personalized email scams on the rise

Gone are the days when we only needed to be wary of generic emails from unknown senders. As consumers and employees get cyber-savvy, criminals up their game by adding a personal touch to email and phone scams. Scammers are now doing more background research, getting to know more about email addresses, and working to establish… Continue Reading

Cyber security hint: Make passwords strong

Cyber security hint: Make passwords strong

In honor of National Consumer Protection Week, BendBroadband is sharing blogs about phishing scams and this one below which reminds consumers to make your passwords strong and tough to crack. The tips below were adapted from the Dept. of Homeland Security’s Online Privacy Tip Card: Make your passwords/passphrases strong You can increase the strength of… Continue Reading