Netflix, Google, Facebook—not even the biggest companies are safe from attempted phishers.
At its simplest, phishing is an attempt to get sensitive personal information like passwords and account info for malicious purposes. The attacker poses as a trustworthy person or organization known to the victim—the more well-known and respected, the better—in order to obtain information.
Though phishing may seem like an IT problem, it impacts marketers as well. When your company falls victim to a phishing attack, it harms the brand name and could potentially interfere with your SEO ranking or conversion rates. Also, as the holders of company social media, blog, and email passwords, marketers should be aware of phishing attempts for their own protection too.
The first step in prevention is education. Phishing has evolved over recent years, becoming more sophisticated and harder to recognize. Here are the five phishing techniques to be aware of.
1. Spear Phishing
In the past, phishing emails frequently went out to a large number of email addresses, casting a wide net to catch a small number of unsuspecting users. Today, however, scammers have narrowed down their targets and devoted more attention to details, making the email more believable and more likely to trick the receiver.
2. Session Hijacking
Scammers are capable of stealing information by intercepting sensitive information you submit on a web form—like passwords or credit card info—and then using it for their own gain. For marketers, this means getting an SSL certificate (detectable with “https” in the URL and a small lock symbol or the word “secure” before the URL) for your company’s website is absolutely necessary. As more consumers understand the dangers of an unsecured page, your site traffic and conversions will depend upon the security of your site.
3. Content Injection
This is a sneaky technique where phishers hack a particular site and insert their content somewhere in the middle of a genuine article. Within their text, there are malicious links, and when users click on it, they are redirected to a website that seems legit but requires personal information to enter.
4. Search Engine Phishing
Phishers use search engines to redirect users to e-commerce sites with seemingly great offers and deals. If users choose to purchase something, phishers redirect them again to a fake payment gateway where scammers collect personal information.
Ransomware is malware that makes its way onto a victim’s PC, usually after the victim is convinced it’s nothing more than some sort of standard procedure. Phishers have become really good at social engineering, so users are usually not that suspicious. They do as they are instructed: Most frequently, they click on a certain link that releases malware, denying them access to their files or device—until they pay ransom.
Once marketers are able to identify scam attempts quickly, they can alert their customers so they can better protect themselves. Make sure your customers know which email address they should expect newsletters from, and be transparent about the links you’re adding to your content. On the technical side, SSL certificates are a must for your site. You’ll want to be selective about which domain hosts your website, so find a domain that clearly defines its spam policy and promises to remove accounts with spammy activity.
The internet has become a part of our everyday lives and a necessary component of business. However, staying safe and secure online should be your number one priority, both for yourself and for your customers.