Phishing is a term that was created in 1996, but it is still unknown to many people. However, while the term may be unfamiliar, examples of phishing are extremely common.
You know that friend of yours who clicked on a link through WhatsApp and had his/her account stolen? This is phishing.
Or that email you received that looked authentic but when you paid attention to the details, you realized it was a scam. This is another example of phishing.
While it seems that this type of situation happens to few people, the truth is that Brazil is the country with the most attempted scams in the world.
To prove this, we have the 2022 data from the Serasa Experian credit bureau. It states that every 7 seconds there is a record of attempted fraud in Brazil.
When we only look at attacks via WhatsApp, we have an impressive number of 76,000 fraud attempts. This data was shared in a Kaspersky consultancy report in 2022. Because of these numbers, Brazil is considered the country with the most attempted scams worldwide.
The reality of the attacks in Brazil
Virtual attacks are increasingly common, from messages via WhatsApp and other social networks to complex scams.
According to Kaspersky consultancy, more than 27% of phishing attempts happen in delivery services. In this type of situation, criminals trick victims into believing that they are representatives of logistics companies.
In addition to deliveries, it is common for payment systems and banks to be chosen as well. In this sense, if you are not careful, you may end up sharing your account details. And as a result, you lose your personal data as well as money.
Finally, the 2022 data also show that of the 257 terabytes of data breaches around the world, 43% happened in Brazil.
Even though the General Data Protection Law (GDPL) exists, it is still difficult to control data and protect people completely. Therefore, for inspection and control to take place efficiently, it will be necessary to hire more people and create investigation agencies.
Phishing and its variables Smishing and Vishing
In general, phishing is a type of cybercrime that delivers bait to people. The goal is for people to take the bait and take actions that will be problematic for themselves.
Within the term phishing, we have the definitions of smishing and vishing, which are more specific examples of virtual attacks. One example is when text messages are used, and another is when scams are carried out over the phone.
What is Phishing:
First of all, understanding the origin of the term phishing helps to identify what it means. Phishing comes from English, the word fishing. This name was created several years ago, in 1996, and even today it makes sense that the name is that. Even though today phishing means darker and deeper crimes, the old nomenclature can still be used.
In this sense, the main objective of a criminal who performs a phishing attack is to deceive people through baits. Through the scam people share their confidential information like credit card data and personal passwords.
To prevent an attack like this, it is essential that you are always alert when it comes to sending personal information through online channels. In addition to you as an individual, if you own a company, it is essential that team members know what to do in complicated situations.
To guarantee qualification, it is very important that training and simulations are carried out periodically by the company.
What is Smishing:
Smishing is nothing more than a specific type of phishing. In this type of crime, text messages are sent to the victim's cell phone.
Perhaps you have already received such a message. However, if you still don't know about the attack, you must know that it is very common for messages to direct people to click on a link, for example. Other common situations are requests to fill out a form or reply to a message sent.
A situation that happens a lot is when a clinic, for example, sends messages asking for some registration information to update in the system. However, this contact is fake, and the criminals already come to the conversation with some personal data in hand, making it even easier to convince the victim that they are legitimate requests.
Another example of smishing that works very well is when a very large reward is offered to the victim. And even if it's something unbelievable, many people end up clicking on the links and falling for the smishing scams.
A simple way that can help you avoid suffering a smishing scam is not to act on impulse. Another important point is to keep bank details and credit card numbers away from your cell phone.
What is Vishing:
Finally, let's talk about the Vishing attack, which is carried out through phone calls. In English, the term means Voice Phishing.
In this way, the attacks take place in real-time while in contact with the victims, who are manipulated to share their confidential data. In addition to this direct contact, it is also possible to see Vishing attacks through recorded messages.
In this case, prevention is controlling the information you share through phone calls. Also, avoid contacting any new phone numbers that are shared during the call.
The scams are getting more and more advanced
A few years ago, it was common for sites with “HTTPS://” in the URL to be considered safe. However, nowadays it is possible to imitate this type of page even if it is a dubious URL.
According to the 2023 Global Threats Report, it was possible to notice that in 2021 31% of phishing cases used HTTPS in the URL. In 2022, on the other hand, the number increased to 49% of phishing records.
This evolution in phishing attacks happens because criminals understand what people are looking for online. Through social engineering practices, it is possible for criminals to convince people to perform certain actions that are harmful to themselves.
Are you interested in learning more about the subject of phishing attacks? Then you need to know our Youtube channel and the specific video about this type of situation. Click here to watch it!
Do you have any questions or are you interested in learning more about our solutions?