June 25 (Portaltic/EP) –
Users can prepare to avoid falling into digital scams, but cybercriminals are developing new techniques to deceive even the most cautious, as is the case with cloning ‘phishing’, capable of replicating an email that the victim has previously received.
Cloning ‘phishing’ is a scam where a cybercriminal replicates an email or website, looking virtually identical to the original and containing legitimate-looking details, to trick the victim and steal their personal information.
This technique is more difficult to detect than other types of attacks, as NordVPN warns, because “the emails are usually very personalized, even replicating something that the victim has previously received,” explains the cybersecurity specialist of this firm. , Adrianus Warmenhoven.
For it to work, the attacker first intercepts a message sent to a user from a legitimate source, such as a bank, customer service, money transfer website, or company. This allows you to create a replica of the email and send it to the victim with a message urging them to take an action.
Scammers want their victims to act quickly, so phishing emails always sound urgent. Some common social engineering tactics involve asking users to change their passwords or provide other sensitive data because their account has been ‘compromised’.
By believing that the email comes from a legitimate source, from an entity with which they have exchanged messages, the victim is more susceptible to opening the email, and even clicking on a link or an attached file, which opens the door to ‘ malware’ on the device and facilitates the theft of information.
Although they are more difficult to detect, Warmenhoven advises checking the sender’s email address. They usually look similar to the original, but include small variations, such as dashes or additional symbols.
You should also avoid clicking on the links unless you are absolutely certain that the email is not a scam. And use antispam filters, especially if you receive many emails each day, because they analyze the content and identify unsolicited or dangerous messages.
Add Comment