May 2, 2019
As I scanned the list of my unread emails, one stood out, coming from alerts@citibank.com. The message indicated there was a problem with a credit card transaction, a link was provided to learn more about this problem. I clicked on the link and was taken to an official-looking Citibank web page with a form to login to my account.
Fortunately, I did catch myself before completing the login, realizing that this was a classic phishing attack to trick me into providing my login credentials on a fake web page.
According to a 2019 Report by PhishLabs, approximately 65% of all phishing attacks were part of a credential theft scheme. The article claims Nation-state actors use phishing attacks to gain strategic access to target environments, such as the armed forces, all areas of the federal government, the power grid, corporate research and virtually all areas of intellectual property.
Join me and Colin Bastablé as we discuss the various types of cyber attacks and how Lucy Security helps organizations defend against these attacks.
All of us folks who use E-mail, especially those of us who use it for financial transactions, should listen to this podcast. Fortunately I have been aware of this phishing scam and other tricks for some time and haven't (yet I hope not) been a victim. I never click on any links within an E-mail unless I know the sender (although that filter isn't always foolproof), but I don't click on any links from a financial institution (but type-in the institution's URL myself) as what you see in the link is just a bunch of alphanumeric characters that point to the actual URL (see Jim's first sentence above). Great Podcast!
So, Jim, here's an example of the URL trick. Here's a link that if you click on it
you will be taken to your podcast: TrickURL So what you see may not be
what you get!
-- Frank