Phishing, Smishing, and Vishing?!?

“77% of cybersecurity leaders saw an increase in number of cyberattacks since last year”. (Mimecast)

Phishing, smishing, and vishing are all different types of cyber-attacks that aim to trick individuals into sharing their personal information, such as login credentials, credit card details, or other sensitive information. Although these attacks have different names, they all have the same goal – to steal your information.

Phishing is the most common type of attack and occurs when cybercriminals use email, text messages, or social media to send a message that appears to be from a legitimate source, such as a bank or e-commerce site. The message usually contains a link that takes you to a fake website that looks identical to the real one. The site will ask you to enter your login credentials, and once you do, the attackers will have access to your account.

According to Sophos, attackers relentlessly target organisations with spam, phishing, and advanced socially engineered attacks, with 41% of IT professionals reporting phishing attacks at least daily.

Smishing is similar to phishing, but instead of an email, the attacker sends a text message that appears to be from a legitimate source. The message will usually ask you to click on a link or reply with your personal information.

An Estimated 2,649,564,381 Smishing Messages Were Sent per Week in April 2022, according to Earthweb. 

Vishing, on the other hand, is a voice-based attack where the attacker calls you and pretends to be a representative from a legitimate company. They will use various techniques, such as urgency or intimidation, to persuade you to provide your personal information over the phone.

According to Earthweb, Yorkshire and Humber are the most-targeted British locations for vishing attacks!

To protect yourself from these types of attacks, it is essential to be vigilant and take precautions.

Here are 6 of our top tips to keep in mind:

1. Be cautious of any unsolicited messages or calls asking for personal information.
2. Do not click on links or download attachments from unknown sources.
3. Check the URL of any website before entering your login credentials. Look for the padlock icon in the address bar and ensure that the URL starts with “https.”
4. Use two-factor authentication whenever possible.
5. Keep your software and antivirus programs up-to-date.
6. Educate yourself and your colleagues on these types of attacks and how to identify them.

If you’re seeking assistance in navigating this cybersecurity landscape, consider reaching out to Riven.

We prioritise understanding, planning, and adapting to any changes that may impact your environment.

Feel free to contact us at 01784 437 123 or via email at enqs@rivenassociates.co.uk.

Additionally, you can sign up for our monthly newsletter  to stay updated on the latest cybersecurity insights and strategies.