You’ve probably come across one in your inbox: a phony email pretending to be from your lender, alerting you that your account has been blocked because an unauthorized person may have accessed it.
Such messages are a classic example of “phishing,” a swindle that scammers have been using for years in their attempts to steal personal data from consumers. Phishing is meant to trick you into sharing sensitive information by posing as a bank or another company. The scams also can try to fool you into clicking on a link that infects your computer with malicious software.
But here’s something you might not know: Experts say phishing is on the rise, even though, presumably, more consumers are aware of the schemes than ever before.
It’s a point worth keeping in mind as many of us increasingly bank online.
Karl de la Guerra, who runs a Charlotte-based company that provides security-consulting services to businesses and law enforcement agencies, told me phishing scams targeting all types of consumers are growing on a global level for one main reason: They work.
With hundreds of millions of people online, the odds that someone is going to fall for a phishing attempt make them attractive to criminals, he said.
“If there were only 10,000 people using the World Wide Web, this wouldn’t be too much of a scam, but it’s all based in volume,” he said.
“Do I see it slowing down? No.”
Phishing can affect all kinds of companies. But banks remain among the most popular targets because of their global reach and their large numbers of customers and transactions, de la Guerra said.
The criminals involved in phishing can be found all over the world, although Asia and central Europe are hotspots, he said. In a scene that sounds straight out of a movie, de la Guerra said some of the fraudsters tap away on laptops eight to 12 hours a day in warehouse-size buildings that can house 100 or more cybercriminals.
Not all phishing emails are the same, and some might be harder to spot than others. Generally, if you see misspellings in an email purporting to be from your lender, that might indicate a scam. The same goes for an email that asks you to reply to it with your personal information.
Your bank’s website will likely have more tips for ways to avoid falling prey to phishing.
Like some other types of banking scams that use relatively old technology – think “skimming” devices placed on automated teller machines by criminals to steal card data – phishing is one lenders continue to face.
About six years ago, experts were predicting the end of phishing, thanks to filters designed to protect computers from harmful software, Avivah Litan, security analyst for Connecticut-based Gartner Research, told me.
“It never died down,” she said. “Anyone that wants to attack anyone, generally the most common method is sending a phishing email.”