With only a few days to go before the presidential election, the bad guys are stepping up their efforts to lure victims with phishing attacks aimed at obtaining identity cards and personal information, which could lead to the next big breakthrough. The threat is so great that the Best Business Bureau, the Identity Theft Resource Centre and the National Association of Government Election Officials have warned the general public.
Dial-up phishing attacks can spread superficially through channels of different formats, and unsuspecting users can be surprised. Phishing is the main cause of offenses, and all major offenses started phishing in 2022. Successful phishing attacks start with a compelling message, and this is perfect for cybercriminals because the message is designed to provoke an emotional response to rapid action. Here are a few examples:
- Polls and Voices: Bad actors can send emails or advertise on a social channel to request or participate in a survey. This is a good way to collect personal information (PII), such as social security numbers. E-mails asking you to confirm your status as a registered voter in order to participate in the survey are particularly suspicious.
- Petitions: It is customary to be passionately interested in political issues and to want to initiate change. Fraudsters play on this natural instinct and send false petitions asking for personal information.
- Requests for donations : As with petitions, online requests for money to support an important case or a particular candidate can be fraudulent. Fraudsters may impersonate campaign volunteers and ask for credit card numbers and other personal information to complete a donation. They can even pretend to be candidates by luring you in with a pre-recorded sound. (screen 1)
- Registration fraud: In the US, you cannot vote by phone, email or text message, but that does not stop fraudsters from convincing you that you are not. (screen 2)
These are just some of the ways bad actors rely on PII phishing, credit card fraud or money transfer fraud. Today, phishing attacks are not only carried out by e-mail, but also through various channels: SMS, messaging applications, social platforms, search engines, etc. According to the Verizon 2022 Mobile Security Index, up to 85% of phishing attacks on mobile devices occur outside of email. The number of phishing attacks based on SMS or SMishing has risen from 2 to 13%.
With the increasing mobility of employees and a 55% chance of working remotely according to Covid-19, the growing number of unprotected mobile and personal devices outside the network perimeter can expose companies to a high risk of fraud. Since the appearance of Covid-19 in 2022, the number of phishing attacks on mobile phones has even increased by 37%.
Take steps to protect yourself – and your organisation
With so much voice information from so many channels and sources, it can be difficult to know what is real and what is fraudulent. Historic elections, combined with the new teleworking standard of the Covida-19 era, have the unfortunate side-effect of broadening the landscape of the phishing threat, and cybercriminals are ready to attack it. Here are the four best methods to keep in mind:
- Do not misuse personal information. If you have been contacted by email or text message to verify voter details, conduct a survey, participate in a survey or sign a petition, consider what information you will be asked to provide. Legal questions usually ask how you will vote or which party you belong to, but they should not ask for personal information such as your social security number, date of birth or driver’s license. And if there’s a price, it’s most likely a scam. Similarly, some legitimate petitions may require basic information, but are likely to be fraudulent if too much personal information is requested. If you think they’re digging too deep, keep out of it.
- Study and understand the voting rights in your state. Each state has specific requirements and deadlines for voter registration and the electoral process. To protect yourself against this type of fraud, you need to familiarize yourself with the rules in your state. Read the latest information on the official website of your country. You can find them here.
- Explore fundraising organizations or make a donation through your candidate’s official website. It’s tempting to just click on a social ad or text message asking to help defeat your favorite candidate’s opponent, but resist the urge. It is best to go directly to the candidate’s website and make a donation.
- Implement phishing detection and prevention on mobile devices and browsers. Implementing real-time phishing protection at all endpoints beyond the protective perimeter of the corporate network is necessary to detect and prevent phishing attacks and the resulting damage. Artificial intelligence-based solutions such as SlashNext provide real-time protection through lightweight cloud-based applications and block malicious phishing sites inside and outside the network.
With the world’s largest phishing database
, the SlashNext AI phishing detection cloud with patented SEER technology has the largest phishing database in the industry with 99.07% accuracy and millions of false positives. SlashNext scans billions of Internet transactions and millions of suspicious URLs every day and uses virtual browsers to detect phishing attacks in real time across all communication channels – email, SMS, collaboration, messaging, social networks and search engines – up to 30 days before they appear in real time. So when phishing campaigns are launched, threats are already blocked by SlashNext and users are immediately protected.
After four days before the election – Don’t be fooled by the fish scam that first appeared on SlashNext.
*** This is the syndicated Security Bloggers Network blog by SlashNext, written by Lisa O’Reilly. The original message can be found at the following address: https://www.slashnext.com/blog/four-days-to-the-election-dont-fall-for-these-phishing-scams/.
voting results live,2020 election live,where do i vote #election2020,trump,knowbe4 quiz answers,infosec iq,lucy phishing,top 10 phishing websites,trap phishing definition,oversharing attack,can i vote anywhere in california,early voting california 2022,where to vote california primary,how to vote colorado,when to vote california,voting in california 2022