Wednesday, 12 March 2014

Want Personal Data? Go Phish!

At least 2 million people received an email on May 16, 2013, notifying them that an order they had just placed on "Wallmart's" website was being processed, though none of them had done any such thing.

Still, thousands of people clicked the link in the email. For many of them it led only to a harmless Google search results page for "Walmart." Others weren't so fortunate.

For them, the link triggered a silent drive-by download of malware that infected their computers and turned them into bots under the attackers' remote control.

Phishing, also known as "brand spoofing" (and sometimes, loosely, as "carding", though that term more properly refers to credit-card fraud), is a term for the family of scams that use fraudulent messages, primarily e-mail, sent by criminals to trick you into divulging personal information. The criminals use that information to steal your identity, empty your bank account, or take over your computer.

With spear-phishing, attackers use social engineering, researching social media and other publicly available online sources, to profile high-value targets and personalize the bogus emails. Broader phishing campaigns may enlist partners in crime to run high-volume mailings, but even so, realistic-looking emails will reliably hook a significant number of users, who then open a malicious spreadsheet attachment or click a link to a fraudulent website.

Make no mistake, phishing and spear-phishing work. RSA recently reported that in 2013 there were nearly 450,000 phishing attacks, with estimated losses of over $5.9 billion.

Even before phishing became so prevalent, legitimate businesses and financial institutions would hardly ever ask for personal information via e-mail. If you receive such a request, call the organization using a phone number you already have (not one given in the message) and ask whether it is legitimate, or go to its real website by typing the address yourself or using a saved bookmark rather than following the link. Look for misspellings and bad grammar. While an occasional typo can slip past any organization, more than one is a tip-off to beware.

In the fake Walmart attack, people missed clear warning signs, such as the company name being misspelled and the sender's address being unusually long and strange.
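The warning signs listed above (a misspelled brand in the sender's domain, an unusually long sender address, and a link whose visible text does not match where it actually points) can be checked mechanically. The following is an added example written for this page, not code from the original post or from any vendor; the sample message is constructed for illustration and is not the real 2013 e-mail, and the brand list, the 40-character sender threshold and the edit-distance cut-off of 2 are assumptions chosen for the example.

```python
"""Heuristic phishing checks over a raw RFC 822 message.

Flags: a sender domain that is a near-miss of a known brand, an overlong
sender address, a display name claiming a brand the domain does not belong to,
and links whose visible URL text disagrees with the real href.
"""
import email
import re
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlparse

# Brands worth watching, mapped to their legitimate domains. The list and the
# thresholds below are assumptions for this example, not a vetted policy.
KNOWN_BRANDS = {"walmart": "walmart.com"}
MAX_SENDER_LEN = 40      # addr-specs longer than this are "long and strange"
MAX_EDIT_DISTANCE = 2    # 'wallmart' is one edit away from 'walmart'

# Constructed sample modelled on the attack described in the text.
SAMPLE = """\
From: "Walmart Orders" <order-confirmation-no-reply-78231@wallmart-orders.example>
To: customer@example.net
Subject: Your Wallmart order #48291 is being processed
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Thank you for shopping at Wallmart. Your order is being processed.</p>
<p>Track it here: <a href="http://wallmart-orders.example/track?id=48291">http://www.walmart.com/account/orders</a></p>
</body></html>
"""


def levenshtein(a: str, b: str) -> int:
    """Edit distance, used to catch near-miss spellings such as 'wallmart'."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def registrable(host: str) -> str:
    """Crude registrable-domain extraction (last two labels). Good enough for
    .com-style hosts in this example; a real tool should use the public suffix list."""
    labels = host.lower().strip(".").split(".")
    return ".".join(labels[-2:])


def lookalike_brand(host: str):
    """Return (brand, legitimate_domain) when host imitates a known brand without
    being that brand's real domain, else None. Tokens are taken from the whole
    host so 'walmart.com.evil.example' is caught too."""
    if registrable(host) in KNOWN_BRANDS.values():
        return None
    for token in re.split(r"[-.]", host.lower()):
        for brand, legit in KNOWN_BRANDS.items():
            if token and (brand in token or levenshtein(token, brand) <= MAX_EDIT_DISTANCE):
                return brand, legit
    return None


class LinkExtractor(HTMLParser):
    """Collect (href, visible text) pairs from an HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def analyze(raw_message: str) -> list:
    """Run the checks and return a list of (code, detail) findings."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    findings = []
    if msg["From"] is None or not msg["From"].addresses:
        return [("no-sender", "")]
    sender = msg["From"].addresses[0]

    if len(sender.addr_spec) > MAX_SENDER_LEN:
        findings.append(("long-sender", sender.addr_spec))
    hit = lookalike_brand(sender.domain)
    if hit:
        findings.append(("sender-lookalike", f"{sender.domain} imitates {hit[1]}"))
    for brand, legit in KNOWN_BRANDS.items():
        if brand in sender.display_name.lower() and registrable(sender.domain) != legit:
            findings.append(("display-name-mismatch", f"'{sender.display_name}' sent from {sender.domain}"))

    body = msg.get_body(preferencelist=("html", "plain"))
    extractor = LinkExtractor()
    extractor.feed(body.get_content() if body else "")
    for href, text in extractor.links:
        target = urlparse(href).hostname or ""
        if lookalike_brand(target):
            findings.append(("link-lookalike", href))
        # Only compare when the visible text itself looks like a URL.
        shown = urlparse(text).hostname if text.startswith(("http://", "https://")) else None
        if shown and registrable(shown) != registrable(target):
            findings.append(("link-text-mismatch", f"shows {shown}, points to {target}"))
    return findings


if __name__ == "__main__":
    for code, detail in analyze(SAMPLE):
        print(f"{code:22} {detail}")
```

Run against the constructed sample, the checks report all five signs: the overlong sender address, the "wallmart" lookalike in both the sender domain and the link target, the display name claiming a brand its domain does not own, and the link whose visible text shows walmart.com while the href points elsewhere. The edit-distance check will produce false positives for very short brand names and for domains that legitimately contain a brand word, so in practice it is a triage signal, not a verdict.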


The success of phishing is largely down to how little users know about how the companies the fraudsters imitate actually operate. Many legitimate sites carry explicit warnings that they never ask users to send confidential data by e-mail. Even so, users keep sending their passwords to phishers.

Phishing is a modern hydra: cut off one head and two more grow back. The only way to really combat it is through awareness, so that it starves. I personally think this is a result of the young age of the Internet; people are simply not accustomed to online scammers the way we are to local market hustlers. In a few years phishing and scamming will probably have starved themselves out of existence, but until then we all need to be aware.

Please don't feed the phish. 

2 comments:

  1. I work at a place where people regularly click on those things even when we educate them. It works, unfortunately.

    Replies
    1. Well, you're working at it anyhow, and that's good. I think this will fade as people get more accustomed to scamming, but until then there are always going to be people falling for it. As long as you don't get scammed by nude aliens I think you're gonna be fine :).
