In response to reports prolific phishing campaign Shop16 has expanded its operation with new attacks that target PayPal accounts, an expert from KnowBe4 offers perspective.
Phishing will continue to be a tool in the hacker toolbox and these kind of attacks show an evolution of techniques and tools used to get people to unknowingly give up their login credentials to financial websites.
Organizations that provide security awareness training for their employees give them the knowledge to be alert to emails asking the user to click a link to login into the financial site. Of course, the site will look real, but it\’s fake. The goal is to collect the username and password from the victim.
For consumers, it\’s important to consider the following to protect themselves with their financial websites:
1. Financial institutions will never ask you to click a link to log into their website.
2. Always use your own bookmarked link or shortcut to visit the financial institution\’s website to log in if there is a problem.
3. Use Two Factor authentication (2FA) to access any financial account, which will involve the username, password and then a code from an application or text message with a code
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics