Phishing, Vishing, & Smishing, Oh My!
By now, most of us are very aware of what phishing is, some of us are aware of what vishing and smishing are, but since these attacks still prove to be successful for cyber criminals, let us take a moment to review. Phishing is a distribution of emails seeking to gain personal or business information, typically by posing as a legitimate sender. These can be mass distributions or highly targeted attacks. Vishing is similar to phishing, but it is a phone call instead of an email. Smishing is also similar, but it is in the form of a text message.
With the up rise of phishing attacks US-CERT has released a tip sheet on how to protect from these types of attacks. One of their top recommendations is to be suspicious of all unsolicited emails, calls, or texts, especially those asking about employee or business information. They also suggest trying to verify directly from the entity who sent the email if it is legitimate. To do this, search for the entity online instead of clicking any links or using any phone numbers found in the phishing email.