What is Spear Phishing?
Though it may sound like a thrilling way to catch fish, Spear Phishing is far from exciting—and definitely not fun.
Spear phishing occurs when scammers use personal information to impersonate a legitimate business, often one you’ve interacted with before. Armed with details such as your name, address, date of birth, workplace, or alma mater, they craft messages to deceive you. How many of these details are on your social media profiles, like Facebook or LinkedIn, ready for scammers to exploit?
We’ve compiled a guide to keep you and your finances safe!
Which? revealed from their recent social media survey:
- 68% of respondents share their names.
- 46% disclose their ages.
- 35% reveal their locations.
Such information enables fraudsters to personalise scam messages with your name and location.
- 21% of respondents divulge their workplaces.
- 32% disclose their birthdays.
- 12% provide their phone numbers and email addresses.
With this data, a fraudster can impersonate a colleague or offer a job in your field.
- 18% of respondents share places they’ve visited.
- 9% disclose their real-time locations via public Facebook profiles.
Such information allows fraudsters to track your movements.
Even with tightened privacy settings on social media, this data may still reside on numerous vulnerable websites—like restaurant or ticket booking platforms—that could be hacked.
The intention isn’t to dissuade you from using these websites but to remind you to be cautious when receiving calls, texts, or emails requesting additional information or money.
Ways to protect yourself include using a ‘dummy’ email solely for logging into websites and social media, enabling you to spot scams by the email used. Check if your data has been compromised at haveibeenpwned.com or, for Google users, at passwords.google.com/checkup.
Additionally, install antivirus software to safeguard your data and consider making social media profiles private while assessing what you share online. (A WhatsApp group with close friends and family can keep them informed while evading prying eyes!)
Uncertain whether a message or website is authentic? Visit www.scamadviser.com and trust your instincts. When rushed, especially under pressure, scams often occur. Seek advice from friends, family, or call your bank on a trusted line.
Report incidents to Action Fraud at www.actionfraud.police.uk/reporting-fraud-and-cyber-crime or by calling 0300 123 2040.