Each week on this podcast, we look at the most recent events and trends related to data security and privacy. Today, we'll be talking about the dangers of phishing and smishing attacks and how to avoid them.
Fishing, with an “F,” is a long-lived pastime all across the globe. Some argue there’s nothing more peaceful than a day out on the lake, waiting for a bite. Well, there’s another kind of phishing, with a “ph,” that is guaranteed to ruin your day. Phishing attacks take advantage of a user’s information and goad them into clicking a fraudulent link, giving them access to the victim’s personal information. If you don’t want to get caught on someone’s hook, check out a few of our tips to stay safe.
Fishing, with an “F,” is a long-lived pastime all across the globe. Some argue there’s nothing more peaceful than a day out on the lake, waiting for a bite. Well, there’s another kind of phishing, with a “ph,” that is guaranteed to ruin your day. Phishing attacks take advantage of a user’s information and goad them into clicking a fraudulent link, giving them access to the victim’s personal information. If you don’t want to get caught on someone’s hook, check out a few of our tips to stay safe.
Show Notes
Follow on LinkedIn: www.linkedin.com/company/idtheftcenter/
Follow on Twitter: twitter.com/IDTheftCenter
Show Transcript
Welcome to the Identity Theft Resource Center’s (ITRC) Weekly Breach Breakdown for April 21, 2023. Thanks to Sentilink for their support of the podcast and the ITRC. Each week, we look at the most recent events and trends related to data security and privacy. This week, we discuss the latest phishing attacks that could impact PayPal users and tax filers. We will also talk about the dangers “pf” phishing and smishing and how to avoid them.
Fishing, with an “F,” is a long-lived pastime all across the globe. Some argue there’s nothing more peaceful than a day out on the lake, waiting for a bite. There’s another kind of phishing, with a “ph,” guaranteed to ruin your day. Phishing attacks take advantage of a user’s information and goad them into clicking a fraudulent link, giving them access to the victim’s personal information. If you don’t want to get caught on someone’s hook, check out a few of our tips to stay safe.
PayPal Data Breach
More than 35,000 PayPal user accounts were recently compromised in a data breach. The Office of the Maine Attorney General reports that PayPal accounts were accessed via a credential-stuffing cyberattack, exposing names, addresses, Social Security numbers, tax identification numbers and dates of birth. Cybercriminals may then use the stolen credentials to launch a series of phishing attacks.
What are Phishing and Smishing?
Phishing and smishing are two common types of cyberattacks that can be used to steal sensitive information from unsuspecting victims. Phishing attacks typically involve using fraudulent emails or websites designed to look like they come from a legitimate source, such as a bank or government agency. Smishing attacks use text messages or other types of mobile messaging to trick victims into divulging sensitive information. Smishing attacks are common now that many people use their smartphones as their primary devices for accessing the internet.
Phishing and Smishing Tax Scams
The Internal Revenue Service (IRS) is also warning taxpayers and tax professionals of the latest phishing attacks and smishing tax scams. It’s part two of their Dirty Dozen tax scams campaign. Ignore any tax-related messages that claim to come from the IRS or states, and don’t click on unknown links or attachments to avoid malware or ransomware.
How to Avoid Phishing and Smishing Attacks
The latest phishing attacks and smishing scams exemplify how effective they can be. Both phishing and smishing attacks can be challenging to detect if you’re not careful. As technology advances, stay vigilant about protecting your personal information online. Here are some tips to help you stay safe from phishing and smishing attacks:
- Be suspicious of unsolicited messages and phone calls, even if they appear to be from a trusted source.
- Never click on links or download attachments from unknown senders. Verify the information with the source before taking any action.
- Use unique passphrases and login credentials for each account, preferably with more than 12+ characters.
ITRC Breach Alert for Business Coming Soon
The ITRC continues a beta test of a new service for businesses, Breach Alert for Business, that want to ensure they receive a notification when a data breach at a vendor or partner is entered into the ITRC’s data compromise database. For more information, fill out our interest form here and click “notified business alerts”.
Contact the ITRC
If you want to know more about how to protect your business or personal information, or if you think you have been the victim of an identity crime, you can speak with an expert ITRC advisor on the phone, chat live on the web, or exchange emails during our normal business hours (Monday-Friday, 6 a.m.-5 p.m. PST). Just visit www.idtheftcenter.org to get started.
Thanks again to Sentilink for their support of the podcast and the ITRC. Next week, we will have an episode of our sister podcast, The Fraudian Slip, where we will get thoughts from Chief Information Officers on identity and security. We will return in two weeks with another episode of the Weekly Breach Breakdown.
Listen On
Also In Season 4
-
The Fraudian Slip Podcast ITRC - 2024 Predictions
Welcome to the Fraudian Slip…the Identity Theft Resource Center’s podcast where -
The Weekly Breach Breakdown Podcast by ITRC - NameDrop and Roll - S4E34
Welcome to the Identity Theft Resource Center’s Weekly Breach Breakdown for Dece -
The Fraudian Slip Podcast ITRC - Takeaways from the ITRC Biometric Working Group Discussion Paper
Welcome to the Fraudian Slip…the Identity Theft Resource Center’s podcast, where -
The Weekly Breach Breakdown Podcast by ITRC - Bad News travels Fast - S4E33
Welcome to the Identity Theft Resource Center's Weekly Breach Breakdown for Nove