Pharming, Phishing, Vishing and Smishing Scams
The nature of these kinds of attacks means that the approach and method of the scams are only limited by the scammer's creativity. They usually take advantage of a current event or everyday products or needs, such as contact tracing for Covid-19, financial services, online or digital shopping/services, customer support (such as Microsoft or banking and internet providers), etc.
Pharming
In order to pharm information, a hacker installs malicious code on a computer or server. The code causes clicks on a website to redirect to a fraudulent website without your knowledge or consent.
Following basic computer safety guidelines should help to avoid falling victim to pharming, such as not opening suspicious links or attachments in emails or texts or on dubious sites.
When visiting a site that looks different from when you visited last, be suspicious. Don't click on it unless you are absolutely sure it is a reputable site, and be careful of what personal details you enter on a website. If you must, share the minimum required details, and always use a unique password on any website, as legitimate and reputable websites can be compromised by hackers.
Phishing
"Phishing" is activity that attempts to fraudulently obtain sensitive information. Scammers use several methods to attempt to gain access to sensitive information such as identity documents or financial information.
Listed below are some questions to ask if you suspect you have been phished:
- Do you know the sender of the email? If yes, still be cautious before clicking a link. If no, do not click any links.
- Are there any attachments in the email? If so, is the attachment an executable (a file with the extension .exe, .bat, .com, .vbs, .reg, .msi, .pif, .pl, .php)? If so, do not click on the attachment. Even if the file does not have one of the above-mentioned extensions, be cautious about opening it: code can also be injected in text, Word or PDF documents. Contact the sender to verify its contents.
- Does the email request personal information? If so, do not reply.
- Does the email contain grammatical errors? If so, be suspicious.
- If you have a relationship with the company, are they addressing you by name?
- Have you checked the link? Mouse over the link and check the URL. Does it look legitimate, or does it look like it will take you to a different Web site?
You can use these same questions if you receive a vishing or smishing attack.
Vishing
Vishing refers to a phishing attack conducted over the phone. Scammers often misrepresent themselves as a service or product provider you may or may not be a customer of. They employ "social engineering" techniques to deceive you into providing information that others can use to access and use your important accounts or take out loans or credit cards, etc.
You can avoid being fooled by following these steps:
- Look up the phone number you have been called by or asked to call to see if it is legitimate. However, note that a scammer can make it appear they are calling from any number, so never give personal details over an unsolicited call. If anything, inform them you will call back. A scammer will pressure you to stay on the line, but a legitimate business will understand.
- Forward the solicitation email to the customer service or security email address of the organization, asking whether the email is legitimate.
- Do not panic in the event that they claim to be the tax department, law enforcement or other authority. Just as with a legitimate business, if the caller is truly who they say they are, they will not threaten or be aggressive on the phone and will be happy to allow you to call back before talking to them.
- Treat a demand for payment through a service like MoneyGram or Western Union or through gift cards as a huge red flag, and hang up immediately.
Though vishing and its relative, phishing, are troublesome crimes and sometimes hard to identify, there are things that you can do to protect your identity.
Smishing
Smishing is the text message version of phishing. Usually, the text contains a URL or phone number. Just like phishing, the smishing message usually asks for your urgent attention.
Here's what to keep in mind to help you protect yourself against attacks:
- Do not reply. Not even to unsubscribe as this can be a trick to identify active phone numbers.
- If in doubt, call your bank or merchant directly. Legitimate organisations don't request account details or login information over text or email. Also, any notifications can be verified directly via an official phone line or through your online accounts.
- Do not click any links or call any numbers in a message. Use official contact channels when you can.
- Note the Sender ID or phone number. Odd-looking phone numbers can be evidence of email-to-text services or Voice over Internet Protocol (VoIP) numbers, which can be a tactic to mask the true source of a call or text.
- Don't opt to save payment details on your phone or other devices. This is the best way to protect financial information from being stolen.
- Use multi-factor authentication (MFA). This extra layer of security can prevent a scammer from accessing your accounts with an exposed password.
- Do not give out passwords or recovery codes to anyone, and only use them on the official sites. It is highly unlikely that legitimate account support will contact you unexpectedly; they will have appropriate security access and will not need you to provide them with account access.