What’s one thing we can count on in the world of online bad behavior? Cyber scammers will continue to seek ways to take advantage of you by relying on your interest in current events.
Malware writers are renowned for playing off of public interest in the latest breaking news to trick computer users. And there are few things more newsworthy, and often volatile, than political situations around the globe. This month, find out how to avoid political phishing and online scams by taking a look at one specific example – the U.S. election season.
Understanding the Threat
Social engineering attempts – when users are manipulated into performing certain actions or disclosing confidential information – are becoming more sophisticated and increasingly prevalent.
Events that draw widespread public interest will, without a doubt, be used to propagate socially-engineered ploys. Cyber scammers have been laying out tricks and setting traps in order to take advantage of your interest in political current events. How is this done? They look for the topics of interest, leveraging your desire to learn more about it, to donate money to support a certain group, or even to register to vote, ultimately aiming to get you to divulge information or money.
Because of that, in the U.S., this year's presidential election was not just a political hot topic – it also found its way into the security arena.
The Bad Behavior
Months ago, security experts began predicting that online scammers would take advantage of the media hype surrounding the U.S. presidential candidates to prey on computer users. This has taken shape by way of politically-themed phishing attempts, spam and various other online scams.
Below is a recap of a few of the ways cyber criminals attempted to get past your defenses. We have seen the online risks being noted and reported in a number of ways, including the following:
These tactics can provide insight into the methods you need to be on the lookout for. In the months to come, you can be sure that other political hot topics around the world will generate similar bad online behavior.
While you cannot anticipate all events that may be taken advantage of, here are steps you can take to ease your chances of getting scammed:
- Be aware of popular phishing scams. The best way to beat social engineering scams is awareness. Familiarize yourself with common phishing scams so you know what to expect. Refer to archives like the one on the Anti-Phishing Working Group site to see updated examples of scams.
- Get your news from a reliable source. If you are curious about the facts of the latest news story, go directly to a trustworthy online resource. Do not trust links in instant messages, e-mail and other personal messages.
- Give directly to the source. If you intend to donate online to a political campaign or group, play it safe by going to the organization’s website by manually typing the address in to your browser (double-check that the spelling is correct), and not by clicking any links sent in an e-mail.
- Don’t be tempted by unsolicited messages. Spammers try to lure you to open messages by promising videos or information that they think will pique your interest. Never click on links or open attachments from unknown senders.
- Guard your PII. Exercise caution whenever you give out your personally identifiable information (PII). Phishing sites can look surprisingly similar to legitimate websites, and it’s often hard to tell at first glance that you are being deceived.
- Avoid installing unknown files. Scan programs and files that you download from the Internet or from your e-mail with updated security software.
- Protect your PC. Have updated security software in place (anti-spyware, anti-virus and a firewall) and make sure your operating system and applications are fully patched.