5 Cybersecurity Scams to Watch Out For

Phishing: Phishing is one of the most common tactics leveraged by today’s ransomware hackers, typically delivered in the form of an email, chat, web ad or website designed to impersonate a real system and organization. Often crafted to deliver a sense of urgency and importance, the message within these emails usually appears to be from the government or a major corporation, and can include logos and branding.

Baiting: Similar to phishing, baiting involves offering something enticing to an end user in exchange for private data. The “bait” comes in many forms, both digital, such as a music or movie download, and physical, such as a branded flash drive labeled “Executive Salary Summary Q3 2017” that is left out on a desk for an end user to find. Once the bait is taken, malicious software is delivered directly into the victim’s computer.

Quid Pro Quo: Similar to baiting, quid pro quo involves a request for the exchange of private data for a service. For example, an employee might receive a phone call from the hacker posed as a technology expert offering free IT assistance in exchange for login credentials.

Pretexting: Pretexting is when hackers create a false sense of trust between themselves and the end user by impersonating a co-worker or a figure of authority within the company to gain access to private data. For example, a hacker may send an email or a chat message posing as the head of IT Support who needs private data in order to comply with a corporate audit (that isn’t real).

Tailgating: Tailgating is when an unauthorized person physically follows an employee into a restricted corporate area or system. The most common example of this is when a hacker calls out to an employee to hold a door open for them, claiming they’ve forgotten their RFID card. Another example of tailgating is when a hacker poses as a coworker and asks an employee to “borrow” a private laptop for a few minutes, during which the criminal is able to quickly steal data or install malicious software.