share

Most dangerous types of phishing emails and scams in 2019

Posted by Kendall King on Oct 2, 2019 3:15:12 PM
Kendall King
Find me on:

Most dangerous types of phishing emails and scams in 2019

 

83% of businesses experienced a phishing attack in 2018. Phishing is a technique used by hackers to trick you into handing over personal information such as passwords or banking details. This is not a new phenomenon, hackers have been using this technique since 1995.

While the basic concept has stayed the same, the tactics employed by cyber criminals have evolved with time. With advancements in technology, these attacks are quickly becoming more realistic. Here is our list of the most dangerous types of phishing scams.

 

Deepfakes

The first case of AI-based voice fraud was reported this year, which ended up costing the company $243,000. This demonstrates the catastrophic effects that audio deepfakes can have on a business. With deepfake technology rapidly becoming more realistic, it is only a matter of time before cyber criminals begin to use AI-based voice fraud on a larger scale.

In order to create a deepfake, the hacker must have access to video or voice recordings of the individual they are trying to impersonate. By processing these recordings through an AI algorithm, it allows them to create a convincing vocal imitation.

The best practice to avoid falling into the trap of AI-based voice fraud is to follow up phone conversations with an email and get the confirmation in writing.

 

Sextortion

Due to the embarrassing nature of sextortion emails, they have become a profitable way for cyber criminals to extract money from innocent victims. Hackers use a technique called spoofing to make it appear as if the email has been sent from the victim’s email address. An email address can be manipulated to be sent from an external source while displaying a legitimate address. These types of sextortion emails threaten to reveal nude images of the victim to their friends, family and social network. The attacker claims that the only way to stop the information from being leaked is if the victim pays the ransom within a specific time period.

You should never give in to the ransom and it is advised that you do not make contact or reply to the email. It is also recommended to change your passwords as an added safety precaution.

 

AI Phishing

Many phishing scams target large email lists and aren’t constructed well enough to fool most people. Artificial Intelligence is quickly changing this landscape and has made it easier for cyber criminals to target phishing scams more efficiently and effectively.

In order to create an individual spear-phishing message, the attacker needs to manually research each victim in order to create a convincing message specifically tailored to them. Using AI to build automated systems to execute phishing attacks has made it easier to create relevant information that can be used to target the victim for extortion purposes.

In such a rapidly changing environment it is crucial to develop and maintain a strong cyber security posture. Our recommendation would be to use a password manager to change your passwords regularly and use email filtering software to help keep your inbox clean.

If you believe you have been targeted by a phishing scam you can speak with one of our security specialists or report it to your local authorities.

 

If you liked this article, you may also like:

Attack of the drones: how to hack a drone

Saying no to Ransomware

6 security apps to protect your mobile device

AUTHOR

Kendall King

Account Executive

Resource

If your network future-proofed?

GRAB A COPY
UP NEXT

How to create an application whitelisting policy

If you’re reading this article, you probably have ...

Patching is key to the ASD Essential 8: Do it right in 7 steps

Patching. We all know we need to do it, but someti...