TechCentralTechCentral
    Facebook Twitter YouTube LinkedIn
    Facebook Twitter LinkedIn YouTube
    TechCentralTechCentral
    NEWSLETTER
    • News

      MTN hires outgoing Icasa CEO Willington Ngwepe into top role

      16 August 2022

      Rain in embarrassing climbdown over Telkom statement

      16 August 2022

      Jo’burg to issue RFP for 500MW of electricity ‘within weeks’

      16 August 2022

      Load shedding returns, and may last until Thursday

      16 August 2022

      Coal miner Seriti plans R12-billion Mpumalanga wind farm

      16 August 2022
    • World

      Semiconductor boom turns to bust

      16 August 2022

      Tencent plans to offload R400-billion Meituan stake: sources

      16 August 2022

      Ether leaps higher on verge of Merge

      16 August 2022

      Institutions eye crypto but retail investors remain nervous

      15 August 2022

      Tencent woes mount, even after $560-billion selloff

      12 August 2022
    • In-depth

      African unicorn Flutterwave battles fires on multiple fronts

      11 August 2022

      The length of Earth’s days has been increasing – and no one knows why

      7 August 2022

      As Facebook fades, the Mad Men of advertising stage a comeback

      2 August 2022

      Crypto breaks the rules. That’s the point

      27 July 2022

      E-mail scams are getting chillingly personal

      17 July 2022
    • Podcasts

      Qush on infosec: why prevention is always better than cure

      11 August 2022

      e4’s Adri Führi on encouraging more women into tech careers

      10 August 2022

      How South Africa can woo more women into tech

      4 August 2022

      Book and check-in via WhatsApp? FlySafair is on it

      28 July 2022

      Interview: Why Dell’s next-gen PowerEdge servers change the game

      28 July 2022
    • Opinion

      No reason South Africa should have a shortage of electricity: Ramaphosa

      11 July 2022

      Ntshavheni’s bias against the private sector

      8 July 2022

      South Africa can no longer rely on Eskom alone

      4 July 2022

      Has South Africa’s advertising industry lost its way?

      21 June 2022

      Rob Lith: What Icasa’s spectrum auction means for SA companies

      13 June 2022
    • Company Hubs
      • 1-grid
      • Africa Data Centres
      • Altron Document Solutions
      • Amplitude
      • Atvance Intellect
      • Axiz
      • BOATech
      • CallMiner
      • Digital Generation
      • E4
      • ESET
      • Euphoria Telecom
      • IBM
      • Kyocera Document Solutions
      • Microsoft
      • Nutanix
      • One Trust
      • Pinnacle
      • Skybox Security
      • SkyWire
      • Tarsus on Demand
      • Videri Digital
      • Zendesk
    • Sections
      • Banking
      • Broadcasting and Media
      • Cloud computing
      • Consumer electronics
      • Cryptocurrencies
      • Education and skills
      • Energy
      • Fintech
      • Information security
      • Internet and connectivity
      • Internet of Things
      • Investment
      • IT services
      • Motoring and transport
      • Public sector
      • Science
      • Social media
      • Talent and leadership
      • Telecoms
    • Advertise
    TechCentralTechCentral
    Home»In-depth»E-mail scams are getting chillingly personal

    E-mail scams are getting chillingly personal

    In-depth By The Conversation17 July 2022
    Facebook Twitter LinkedIn WhatsApp Telegram Email

    We all like to think we’re immune to scams. We scoff at e-mails from an unknown sender offering us R2-million in exchange for our bank details. But the game has changed, and con artists have developed new, chilling tactics. They are taking the personal approach and scouring the Internet for all the details they can find about us.

    Scammers are getting so good at it that even cybersecurity experts are taken in.

    One of the authors of this article (Oliver Buckley) recalls that in 2018 he received an e-mail from the pro-vice chancellor of his university:

    “This is it, I thought. I’m finally getting recognition from the people at the top. Something wasn’t right, though. Why was the pro-vice chancellor using his Gmail address? I asked how I could meet. He needed me to buy £800 worth of iTunes gift cards for him, and all I needed to do was scratch off the back and send him the code. Not wanting to let him down, I offered to pop down to his PA’s office and lend him the £5 note I had in my wallet. But I never heard back from him.”

    The infamous “prince of Nigeria” e-mails are falling out of fashion. Instead, scammers are scouring social media, especially business-related ones like LinkedIn, to target people with tailored messages. The strength of a relationship between two people can be measured by inspecting their posts and comments to each other. In the first quarter of 2022, LinkedIn accounted for 52% of all phishing scams globally.

    Psychologists who research obedience to authority know we are more likely to respond to requests from people higher up in our social and professional hierarchies. And fraudsters know it, too.

    Scammers don’t need to spend much time researching corporate structures. “I’m at the conference and my phone ran out of credit. Can you ask XXX to send me report XXX?” runs a typical scam message.

    Fraudsters are using spam bots to engage with victims who respond to the initial hook e-mail

    Data from Google Safe Browsing shows there are now nearly 75 times as many phishing sites as there are malware sites on the Internet. Almost 20% of all employees are likely to click on phishing e-mail links, and, of those, a staggering 68% go on to enter their credentials on a phishing website.

    Targets are normally chosen based on their rank, age or social status. Sometimes, spamming is part of a co-ordinated cyberattack against a specific organisation so targets are selected if they work or have connections to this organisation.

    Fraudsters are using spam bots to engage with victims who respond to the initial hook e-mail. The bot uses recent information from LinkedIn and other social media platforms to gain the victim’s trust and lure them into giving valuable information or transferring money. This started over the last two to three years with the addition of chatbots to websites to increase interactions with customers. Recent examples include the Royal Mail chatbot scam, DHL Express and Facebook Messenger. Unfortunately for the public, many companies offer free and paid services to build a chatbot.

    Spear phishing

    And more technical solutions are available for scammers these days to conceal their identities such as using anonymous communication channels or fake IP addresses.

    Social media is making it easier for scammers to craft believable e-mails called spear phishing. The data we share every day gives fraudsters clues about our lives they can use against us. It could be something as simple as somewhere you recently visited or a website you use. Unlike general phishing (large numbers of spam e-mails) this nuanced approach exploits our tendency to attach significance to information that has some connection or for us. When we check our full inbox, we often pick out something that strikes a chord. This is referred to in psychology as the illusory correlation: seeing things as related when they aren’t.

    Even if you’re tempted to bait e-mail scammers, don’t. Even confirming your e-mail address is in use can make you a target for future scams. There is also a more human element to these scams compared to the blanket bombing approach scammers have favoured for the last two decades. It’s eerily intimate.

    One simple way to avoid being tricked is to double-check the sender’s details and e-mail headers. Think about the information that might be out there about you, not just about what you receive and who from. If you have another means of contacting that person, do so.

    We should all be careful with our data. The rule of thumb is if you don’t want someone to know it, then don’t put it online.

    The more advanced technology gets, the easier it is to take a human approach. Video call technology and messaging apps bring you closer to your friends and family. But it’s giving people who would do you harm a window into your life. So, we have to use our human defences: gut instinct. If something doesn’t feel right, pay attention.The Conversation
    Written by Gareth Norris, senior lecturer, department of psychology, Aberystwyth University, Max Eiza, senior lecturer in computer security, Liverpool John Moores University, and Oliver Buckley, associate professor in cybersecurity, University of East Anglia
    This article is republished from The Conversation under a Creative Commons licence.

    Share. Facebook Twitter LinkedIn WhatsApp Telegram Email
    Previous ArticleAfter years of flirting, MTN is in talks to buy Telkom
    Next Article TechCentral reader survey: win a R5 000 online voucher

    Related Posts

    MTN hires outgoing Icasa CEO Willington Ngwepe into top role

    16 August 2022

    Rain in embarrassing climbdown over Telkom statement

    16 August 2022

    Jo’burg to issue RFP for 500MW of electricity ‘within weeks’

    16 August 2022
    Add A Comment

    Comments are closed.

    Promoted

    HPE SimpliVity: addressing SMBs’ data conundrums

    16 August 2022

    Digital transformation – don’t get caught unprepared

    16 August 2022

    Seven reasons your business needs IP surveillance cameras

    15 August 2022
    Opinion

    No reason South Africa should have a shortage of electricity: Ramaphosa

    11 July 2022

    Ntshavheni’s bias against the private sector

    8 July 2022

    South Africa can no longer rely on Eskom alone

    4 July 2022

    Subscribe to Updates

    Get the best South African technology news and analysis delivered to your e-mail inbox every morning.

    © 2009 - 2022 NewsCentral Media

    Type above and press Enter to search. Press Esc to cancel.