Phishing, smishing and vishing

Phishing, smishing and vishing are all attempts to defraud you through email, mobile, and telephoning scams respectively. Letting your guard down just once can lead to a cascade of a serious losses.
 

Many ways to defraud you

Phishing, smishing, vishing defined

Phishing is a scam that takes place by email. A typical phishing attack occurs when a legitimate-looking email, appearing to come from a bank or other financial institution, is sent to you requesting you to click on a link to update or verify your personal or account information.

The fraudsters often try to scare you into opening a phishing email by saying 'Your account has been accessed' or 'Your account will be blocked', or they entice you to click on links by saying 'You have had a large deposit made into your account' or 'You need to install new software to protect yourself'. When you click on the link in the email, it directs you to a legitimate-looking website. After you enter your personal details, account details, PIN and password on the fake website, the information is forwarded to the fraudsters, who are then able to access your bank account allowing them to transfer funds from your account into specially opened bank accounts. These accounts are then cleared of the transferred funds within minutes.

Smishing is much like phishing, except that text messages sent to cellphones are used rather than emails. In a smishing message you could be requested to click on a link in the text and be redirected to a legitimate-looking website where you are requested to supply your personal and/or account information, just as you would in a phishing scam. You could also be requested to contact a tollfree number where a fake automated voice-response system requests you to provide personal information, such as passwords and PINs.

Vishing entails social engineering over the telephone where you are called and lured into divulging personal information to an automated system. Fraudsters also use a technique called ‘caller identity spoofing’, where calls appear to be made from a legitimate or known number, allowing the fraudster to obtain your personal details.

Phishing involving email accounts

This phishing scam involves the collection of usernames and passwords for email accounts by cybercriminals. Once they have this information, they hijack the email account and if the account is used for banking or business purposes, they impersonate the accountholder and order goods or services, request that banks make transactions on their behalf or notify business clients of a change of banking details.

How does a cybercriminal gain access to your email account?

You receive an email that purports to be from Hotmail, Google, Yahoo, etc (email addresses ending with gmail, yahoo, etc) stating one of the following:
 

• Your email inbox is full and you must use the link provided to delete messages or increase your mailbox size.
• Important and for immediate attention: Please log in using the link provided.
• We are experiencing congestion due to anonymous registration of accounts and are closing some email accounts. Please confirm that you would like to retain the email account by logging on through the link provided.

Other tactics include posing as a company such as SARS and requesting you to log on to your email account through the provided links to access your online tax information.

You could also unknowingly download malware on your computer when you open an unsolicited email or click on a link in an email. When you click on the link provided you will be taken to a fake site that looks similar to your service provider’s site or are provided with a fake form to complete. Once you insert your login details, the details are collected by the cybercriminals and used to hijack your email account.

Apart from being able to send mails using your email address, the cybercriminals also have the ability to create a rule in your mailbox to move any mails from a specific sender to folders on their own personal computers. You will be totally unaware that your email credentials and confidentiality have been compromised.

What could the cybercriminals do once they have access to your email account?
 

• If the email account is used for banking or business purposes, the cybercriminals could impersonate you as the accountholder and order goods or services, request that banks make transactions on their behalf or notify business clients of a change of banking details. The bank and other businesses may accept these emails as if they came from you without knowing that an unauthorised third party has gained access to your email account.
• Some email accounts have your credit card details on file for future purchases. By accessing your account, a fraudster could access your credit card information.
• Cybercriminals can trawl through your mailbox and any other folders in your email box. They would then be able to use sensitive documents (such as copies of identity documents, passports, mails from suppliers and family) to make their scam seem legitimate and convince others that they are in fact the person they are claiming to be.

Signs that your email address has been compromised
 

• You receive complaints about spam being sent from your email address (to contacts in your address book or to strangers).
• You do not receive any emails or some emails appear to be missing.
• You receive large numbers of undeliverable or bounce messages for emails you did not send.
• You are not able to log in to your email account.
• Unknown emails appear in the sent-items folder.

Telephonic technical-support scams

This is where someone posing as a representative of an IT Company (eg Microsoft) contacts people and offers to assist them with solving a computer problem, or offers to remove viruses, or tries to sell them a software licence.

These so called representatives then request you to access a website or click on a link that will allow them to access your computer so that they can do the repairs, remove viruses or download the software you purchased. Once they have accessed your computer, they will be able to do any or all of the following:

• Trick you into installing malicious software that captures sensitive data, such as online banking user names and passwords. And afterwards, they may charge you to remove this software.
• Take control of your computer remotely and adjust your security settings to leave your computer vulnerable.
• Request credit card information so they can bill you for repairs or software ordered.
• Direct you to fraudulent websites and ask you to enter credit card and other personal or financial information there.

Tips to protect yourself from phishing, smishing and vishing
 

• Control your computer. Never hand over remote control of your machine, or offer your credit card details, to an IT company, unless you're absolutely certain it's legitimate.
• Maintain a healthy scepticism. Be suspicious of any email or sms that asks your personal information or banking details. If you want to access NetBank, for instance, type in Nedbank.co.za from your browser bar and navigate from there. Never click on a 'quick link' in an email.
• Make sure you're secure. Keep your antivirus and operating-system software up to date. As a personal Nedbank client, you can also install Trusteer Rapport on your computer, which is free for Nedbank clients. Trusteer will warn you if a website you're visiting isn't legitimate. Business clients should use Nedbank’s pionerring Plug and Transact™ token.
• Close the security loop. Register for Nedbank Approve-it™ to approve or decline any internet banking transaction on your cellphone. If you see an approval request for a transaction you don’t recognise, you should decline it and contact Nedbank immediately. You can register for Approve-it™ at any Nedbank branch with your identity document. 
• Do damange control when necessary. If you have compromised your personal information in a phishing or smishing scam, it is imperative that you immediately change your PIN and password by logging on www.netbank.co.za, enter your credentials and go to the admin consol located at the top right of the page. Change your password and PIN immediately. You should also immediately report the incident to the Nedbank Contact Centre on 0860 555 111.
• Look at your URL bar. Secure sites always start with 'https' (rather than'http') and have a little gold lock next to them. If you see the little gold lock next to a ‘'http' (rather than an ‘https’) you know it's a fraudulent site.
• Hover over hyperlinks. Hover your mouse over any hyperlinks to reveal the actual URL and check that it is, in fact, the address stated in the email.
• Report it. If you receive a phishing email, do not respond it. Forward it to phishing@nedbank.co.za.