Phishing is the act of sending fraudulent messages purporting to be from a reputable source, designed to trick individuals into revealing personal information such as passwords and financial credentials. This could then allow a hacker to steal money, take their identity or even coerce friends and family into giving them funds; like handing over the keys to your home.
Phishing is on the rise. The FBI reported that in 2020 there was double the number of phishing incidents than in 2019, and eleven times more than in 2016. With that in mind, here are the top 5 phone phishing scams to look out for in 2023:
PayPal Text Scam
There are a number of text scams that target PayPal users in order to steal their information. Often the message is intended to scare the victim into responding without thinking about whether it is a legitimate threat. Common messages include warnings that your account has been limited and needs verifying, a query about a recent payment they need you to check, confirmation of a recent order that you don’t remember making, or an offer of a gift card you’re not expecting. The message usually contains a link to a fake version of PayPal’s login page, designed to collect your username and password when you login. This enables them to hack into their PayPal account and steal money from any linked bank accounts.
DHL Phishing Email
A common phishing scam that is carried out over email is the DHL phishing email scam. Reports from victims state that the scam was received via an apparently legitimate DHL shipping email address complete with tracking number and link. The link itself takes the user to a fake login page where the individual’s information is stolen. In some variations of this scam, the message also includes an attachment loaded with malware that can then be used to spy on the victim’s device and steal even more sensitive information. This is where anti-spyware technology such as Certo AntiSpy (for iPhone) and Certo Mobile Security (for Android) comes into its own to combat this type of malware.
Chase Text Message Scam
The Chase text scam appears to be from Chase Bank with a login link. The message states that there has been a login to your Chase account and asks you to verify the activity using the included link. This takes you to a fake Chase Bank page where victims put in their details, which are then stolen by the criminals responsible. Chase themselves have created a page on their website which shows which numbers they use for each service so that you can recognize them. While this will give people the ability to make a more informed decision, it is not a cure for all as many scammers will make it look like they are using legitimate channels of communication.
Amazon Fraud Text Message
When shops closed and lockdowns were enforced for the first time, Amazon sales increased exponentially. Criminals were quick to take advantage and as a result, Amazon-based text scams increased in line with the rise in the use of Amazon as a service. The texts center around scammers posing as Amazon and asking victims for their ‘delivery preferences’, referencing a fake Amazon Prime account, or even ‘alerting’ people about suspicious activity on their account with a login link. Again, the link will follow the same formula as other scams in taking you through to a false website where a form is set up to steal your information.
As well as the text scams, many criminals have also been using fake Amazon emails to try and catch people unawares. These scams have become so prevalent, in fact, that mainstream US media have been covering the story.
Verizon phishing text message
The Verizon text scam works in much the same way as many other phishing scams. The message pretends to be coming from a legitimate Verizon source. They send a message saying that ‘Your Verizon account security needs validation’ with a link that is then used to steal your information. This one, however, seems to be more sophisticated. So much so, that How to Geek called it ‘shockingly convincing’. So, it is even more prudent than usual to make sure that any communications that you have with the company is coming from a benign source.
With the sharp increase in phishing attacks showing no sign of slowing down, the only way to combat them is to be able to recognize the signs. Businesses will make it clear how they communicate with their customers and will never ask for information over text or email. Scammers often use fear as a driver to obtain sensitive information. Before making any snap decisions, take some time to review the company website, look for known scams and always go directly to the websites or services instead of clicking on any links provided by the sender.
Other tactics to keep you safe from phishing attacks are to use two-factor authentication to keep scammers out of your accounts, and never use the same password for multiple services. You can also check to see if your password has been breached on apps such as Certo Mobile Security for Android (coming soon to iOS), giving you peace of mind that you can continue to use them.