Those were of course scam mails, and after a while no one bothered with reading those anymore. But beware: Phishing mails nowadays are no longer from Nigerian princesses. They are targeting you based on your actual on-line activities. Yes, it’s all about social engineering and the cybercriminals using this technique are getting really good at it.
Tailored to your activities and interests
Just take a look at the most recent example we featured on our blog: The German Job Center. The last thing you probably expect when registering and creating a job offer on this official government page, is that you’ll get mails that will lead you to ransomware. But receiving such a mail you will – it is tailored to you and makes you want to follow the link and open the dropbox file.
It’s by far not the first clever social engineering stunt scammers and cybercriminals have pulled though (but it is rather sophisticated). Especially gamers will be familiar with this one: You’ll receive an email that invites you to the latest beta test of a game you really really want to play. The phishing mail often includes a key and a link to the account page of the game – all you have to do is log in and enter the key. But beware! It could just as well be a phishing attempt. The login page is a fake one and once you enter you data your account is as good as lost.
What does this mean for you?
Your online identity – and e-mail – can be easily picked up, be it via data leaks or as in the German Job Center example through a listing. There is no stopping it from being used to create sophisticated phishing mails which are targeted to exploit your interests.
But don’t panic! There are some things you can do to avoid those kind of traps and keep safe:
- Make sure you have an Antivirus (for example Avira) on your PC and keep up-to-date with it to ID incoming attacks.
- Use your head when opening mails or attachments and following links.