The FBI has released a warning that scammers may be targeting individuals seeking to enroll in the Federal Student Aid program to steal their personal information, payment details, and money.
When significant and newsworthy events occur, in this case the student loan forgiveness, certain kinds of opportunists almost always show up to build scams to capitalize on the attention. A lot of these scams will involve phishing, and one of the key ways to avoid getting caught by a phishing attack is to be aware of look-alike domains and websites. Threat actors are good at creating domain names that can fool a lot of users by looking very similar to legitimate domains.
It’s important to keep vigilant about phishing and its “cousins” (such as Smishing—phishing over SMS). They are forms of social engineering, and social engineering spans various technologies. It will always have some degree of efficacy as long as humans are in the loop. While ransomware makes news, the losses from phishing are still considerably higher, according to the FBI.
Ultimately, since this specifically affects people’s financial information, including their Social Security Number and other personally identifiable details, these kinds of phishing attacks can be devastating.
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics