Who Wants to Get Phished?

More than likely our readers have heard about phishing scams and the aftermath of a successful attack. However, as the threat landscape grows, so does the terminology.

Let’s summarize quickly:

Phishing is a social engineering attack intended to gain unauthorized access to a network or to steal credentials in order to gain access to systems. Sounds simple, right? As there are new kinds of players in the spammer’s world, there are also new ways of phishing.

Let’s meet them! I’d like to welcome Spear Phishing, Whaling, Smishing, and Vishing to the party!

Spear phishing is targeted at a specific group of people. Sometimes after some initial potential scammee interview (aka reconnaissance) they have some idea in their heads as to the type of scheme to deploy in order to get the maximum return.

Whaling is almost the same thing as spear phishing, except whaling targets the executives. After some (definitely required) recon, the bad actors will target higher levels of the targeted business environment with their viciousness.

Smishing is the phrase used to describe situations such as those strange text messages from a bank you may or may not do business with telling you that your account has been locked and to use the provided link to update your information. Phew.

And, last, but certainly not least, Vishing – or the words ‘voice’ and ‘phishing’, smushed together. These are the ‘car warranty’ people who call incessantly, the poor souls that social media influencers try to “give it back” to. Most times, its funny, I don’t care who you are, but sometimes it’s very scary. Many times, the scammers record the call and use your voice for all sorts of things unbeknownst to you. (My personal opinion of an appropriate response is shown below but in no way represents the procedures of Heath Consulting, LLC)

I’m a firm believer that it takes a village, but first we all need to be headed in the right direction – a bit of knowledge and some realization that we need to help protect one another is essential. So are good MSPs.