Question: What are some of the latest forms of phishing about which customers should be aware?
Answer:
As the economy continues to struggle, criminals continue to hone their tactics of stealing individuals' personal information. Two new types of phishing are becoming popular among criminals.
The first is a specific type of phishing known as spear phishing. With regular phishing, criminals may send out thousands of emails hoping to get a few respondents. The attack is directed toward individuals who have something in common; for example, they are all customers of a particular bank, they all work at the same company or they all shop at the same website. Criminals obtain these details by hacking into a company or institution's network or by looking through other related sites for information. They then create emails to mimic the official look of the company or institution's emails that in turn, lead recipients to an official looking website. Once at this fake website, respondents are asked to enter personal information.
Another growing type of phishing is called smishing. Smishing involves phishing via SMS (text) messages. Instead of having to go to the trouble to recreate the look of official emails, a smish message will send a text message that claims that the recipient either has to visit a website or call a toll free number in order to avoid being charged a fee by their bank or a company they use. Regardless of what the recipient chooses, their credit card information or other personal information will be requested by the criminal.
Banks can protect themselves and their customers in the following ways:
Remind customers and employees that the bank will never request personal information via email or text message.
If someone is in doubt about the legitimacy of a message, tell them to type the institution's URL into their web browser themselves or tell them to call an official number from the bank's website or from other documents obtained from the bank itself. Do not rely on anything from these messages.
Remind customers and employees to use phishing filters in their email and make sure that the IT department secures the bank's employee network.
Make sure that the bank has developed solid fraud prevention policies and procedures to protect customers.
Train employees to recognize potential phishing attacks. Solid employee training is the best line of defense against fraud.
Maintain records of training completion for all staff members.
The Edcomm Group
The Edcomm Group Banker's Academy is a 22-year-old multimedia training company, recognized by USA TODAY as the training provider of choice for the banking industry. The Edcomm Group Banker's Academy offers programs such as Compliance, Teller, Bank Secrecy Act (BSA), Anti Money Laundering (AML), Basel II, EEO, Sexual Harassment, Elder Financial Abuse, Credit Risk Management, Fraud Prevention, Mortgage Fraud Prevention, Security, Ethics, Collections, Foreclosures, OSHA, Lending, Sales & Service, System Simulations, System Conversions, Leadership, Operations Management, and individual job training and career development through http://www.jobtraining.bankersacademy.com. To learn more, please contact Dr. Linda Eagle, President of The Edcomm Group Banker's Academy, at +1.212.631.9400 or linda.eagle@edcomm.com, and visit us on the web at http://www.bankersacademy.com.
BankersOnline is a free service made possible by the generous support of our advertisers and sponsors. Advertisers and sponsors are not responsible for site content. Please help us keep BankersOnline FREE to all banking professionals. Support our advertisers and sponsors by clicking through to learn more about their products and services.
Print Friendly!
Email This Article!
Discuss NOW!
