Spear Phishing: Phishing is not a new attack method. We meet her through our email. Most phishing attempts are pretty easy to detect because often malicious messages are sent by strangers.
Υπάρχει όμως μια "νέα γενιά" απατεώνων που είναι συνδεδεμένοι σε κοινωνικά δίκτυα και χρησιμοποιούν μια παρchange του phishing. Το "Spear Phishing" ή στοχευμένο phishing κάνει αυτό ακριβώς που περιγράφει το όνομα του. Αντί οι απατεώνες να αποστέλλουν χιλιάδες μηνύματα και στοχεύοντας όποιο πέσει στην παγίδα τους, συγκεντρώνουν τις προσπάθειες τους σε ένα μόνο άτομο.
Below we describe some tactics (Spear Phishing) used by Social Media Phishers:
Phishers use fake profiles to get into the victim's social circle.
The main tool that a phisher uses on social networks is a fake profile. Phishers create fake profiles using photos stolen from other online profiles. They usually select photos of attractive people and adjust them to their profile using fake demographic information based on what they think will be liked to their victim.
So for example if their victim is around their 30, the age they choose will be close to 30. They may even use the same city as the victim, whether they are living in another continent, or they can write that they were going to the same high school with the victim.
Phishers exploit the victim's friends to gain credibility
A telltale sign of Spear Phishing scammers except from the fake profile, it's also that they don't have many friends, because usually their profile has an expiration date and doesn't last long.
But in order to win the favor of the victim, before they make good friendship with him, they will look at the list of his friends. Immediately afterwards they will try to make friends, as many as they can.
Experienced phishers will watch this step, as they will gain more easily the victim's confidence if he notices the common friends.
Phishers use the Likes, and the victim's interests
Οι Phishers θα προσπαθήσουν να "διαβάσουν" μέσα από το προφίλ του θύματος τι του αρέσει και τι δεν του αρέσει. Οι απατεώνες θα αρχίζουν να δημοσιεύουν σχόλια που φαντάζονται ότι θα αρέσουν στο θύμα, και θα κάνουν like, στις δημοσιεύσεις του, χτίζοντας μια νέα σχέση.
Once he has caught the victim's interest, he can hit. It usually does not do it publicly by posting a malicious link, but sends it discreetly with a personal message. The link contained in the message appears to be something of interest to the victim. In fact, it is the bait to lead the victim to a phishing website where he can collect his personal information.
What can you do about Spear Phishing?
Try to hide as much information as you can
The less information phishers see the better. Make your information visible only to your friends. Avoid her creation an open profile that the whole internet can see. Spear Phishing scammers are looking for any information that will help their phishing efforts.
Hide your friends list
Change them settings so that no one can see your friends list.
Do not be too happy with unknowns that have come to you from nowhere
Unfortunately, polish is not gold. This is especially important in the Internet.