Unfortunately, cyber criminals continue to evolve and invent new ways to steal individual’s money or information. One new technique that is becoming more apparent is personalized scams: when a cyber criminal finds or purchases a database of people’s names, passwords, phone numbers or other details, and then targets the individual through this information.
The new SANS newsletter dives into personalized scams, how to spot them and what to do if the scam is recognized. Read the full newsletter here.
These scams have a recognizable pattern that cyber criminals typically follow. After finding your information, the cyber criminal will likely use tactics like fear or extortion to obtain payment, such as sending an email that your password for a certain website has been hacked by them and you must pay them an extortion fee. In almost every situation, the cyber criminal did not hack your system and just uses details to scare users into believing them.
Personalized scams are the scams of the future since there is an abundance of information that is available for purchase online. Some clues to look for in these scams are urgent emails, messages or phone calls that attempt to invoke fear or urgency, and demanding payment through untraceable methods. After receiving these, a simple Google search can help determine if others have received these suspicious calls or emails, and if it is indeed a scam. Using a long password for online accounts and enabling a two-step verification whenever possible can also help curb cyber attacks.