Falling For The Trap: Why Phishing Works
over 4 years ago
– Thu, Nov 14, 2019 at 08:24:56 PM
Hi everyone!
We're just under a week away from the end of the campaign, and we're over 80% of the way to our goal with a week left! We’re in the home stretch now.
We wanted to talk a little bit today about how phishing - one of the things that we designed Pangolin to protect against. There’s a reason why it’s a massive industry for cybercriminals. It works, and they are always coming up with new ways to trick us.
Phishing is one of the oldest and widespread weapons for cybercriminals that specialize in fraud and identity theft.
The premise is simple. You receive a link that looks legitimate, either in an email or a message from a friend or trusted organization and click it.
You’re then redirected to a site that looks authentic and are tricked into signing in with your login credentials. After that step, you’ve been compromised, especially if you use the same password and email address for multiple services.
Phishing isn’t only an issue for private citizens, either. It’s a major problem for corporations too. A study by Accenture showed that 85% of participating organizations experienced phishing and social engineering attacks.
It’s easy to see why: people are still vulnerable. If a criminal can convince someone of a site’s authenticity, then victims might hand over control of their digital lives.
People from all walks of life have been affected by phishing, from politicians, business executives, stay-at-home parents, retirees, and more. We’re all human, and we make mistakes - and that’s what they prey on.
TRIGGERS
The specific trigger that causes someone to click a phishing link varies from person to person, but they all fall under similar umbrellas.
According to researcher Daniela Oliveira, these are:
- Authority: Contact from someone who could be in a position of authority
- Scarcity: An offer for something that you deem scarce and valuable
- Commitment/Consistency: Messaging that follows your perceived way of thinking
- Liking: Contact from people that are in the same demographic
- Reciprocation: Requests for a favor to be returned
- Social Proof: Doing the same as others.
Here are a few situations where one might fall for a phishing scam:
- A seemingly innocuous email from a trusted organization such as a bank, or a service a user subscribes through like a video streaming site or online game.
- A message from a friend with a compromised account that’s asking you to visit an interesting website.
- An offer to sign up for a raffle that will award a valuable and rare pair of sneakers.
Additionally, Oliveira shared that good cybercriminals take advantage of our brain’s ability to make quick decisions without fully assessing a situation.
Even worse, these malicious groups have also a developed a keen understanding of when we’re most vulnerable. They also know how to try to take advantage of our mood or alter it to make us more susceptible.
To add to the problem, phishing sites have become extremely advanced on a technical level. Many audiences may not even be able to tell the difference between a legitimate site and one designed by criminals.
It's because of these evolving methods that we've got to stay vigilant.
Finally, we wanted to share with you some awesome projects that we've had our eye on. These are all fresh projects and exciting creators who could use your support.
ICEBREAKER POP - The Ice Cube Tray Reinvented
An easy way to make and serve clean ice cubes. Fill, freeze and POP! Your ice is ready to be served without touching it! CLICK HERE
___________________________________________________________________
TEMPEST: A revolutionary personal weather system
A cutting-edge weather station and AI-powered app provide you a better forecast. Share data with meteorologists everywhere! CLICK HERE
___________________________________________________________________
Digi-Chill: A Better Way to Charge Your Phone
The first charger designed to NOT damage your phone! CLICK HERE
___________________________________________________________________
Pollix Watch - the prime health & fitness smartwatch
Features AI tech with GPS, ECG, HR, SPO2, blood pressure, and 10+ days battery life! CLICK HERE