<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1594118447410323&amp;ev=PageView&amp;noscript=1">

Disclaimer

You are now leaving the Independent Bank website.

Linked web pages are not under the control of Independent Bank, its affiliates or subsidiaries. Be aware the privacy policy of the site to which you are going may differ from that of Independent Bank. Independent Bank provides external links as a convenience and is not responsible for the content, accessibility, or security of any linked web page.

Click “OK” to continue or “Cancel” to go back

Ok Cancel
x

Disclaimer

You are now leaving the Independent Bank website.

Linked web pages are not under the control of Independent Bank, its affiliates or subsidiaries. Be aware the privacy policy of the site to which you are going may differ from that of Independent Bank. Independent Bank provides external links as a convenience and is not responsible for the content, accessibility, or security of any linked web page.

Click “OK” to continue or “Cancel” to go back

x Want to chat? How can we help you? open chat
Menu
Search
Locations
Login

Spear-Phishing Schemes

By Independent Bank February 24 2017 Cybersecurity

3 tell-tale signs you’re being “phished”

Conceptual digital image of lock on circuit backgroundSpear-phishing is a new take on the more familiar “phishing” scams. With spear-phishing, you are directly targeted with information about yourself, so you believe the email is coming from a legitimate friend, acquaintance, or business you’ve dealt with in the past. The emails will often reference a mutual friend, a trusted company, or a recent purchase to make you feel more comfortable with the correspondence. These scams rely on your trust to gather personal information that can be used to gain access to your personal accounts, or garner information that can later be used to extract money or steal your identity. So, how do you stay safe from spear-phishing attacks? The first step is knowing what to look for.

They Ask for Financial Information

No company you’ve dealt with; from a local store to your bank, will ever ask you for your account information or password via email. This type of data is protected, and emails are not a secure way to share this information. Because of this, no business or financial institution will ask you to share this data via email. If you’ve received an email asking for passwords, account information, or credit card information from a business you’ve dealt with in the past, odds are you are the target of a spear-phishing scam.

These scams rely on familiarity to create trust. They utilize the information you’ve shared online to create that trust. To avoid becoming a victim, read emails carefully and never share sensitive data. To further protect yourself, experts suggest tightening up social media security settings to ensure only your friends can see what you are posting. This will help keep scammers at bay.

The Grammar is Off

Spear-phishing emails are often oddly worded or feel awkward when read. Because Spear-phishing relies on acting like a person or company you are familiar with, take note of the way the email is worded. If the email does not sound right or has a tone that is not in line with previous communication with the person or company the email purports to be from, it is likely a spear-phishing scheme.

Spear-phishers go to great lengths to learn something about you to ensure the email creates trust, but they often fail to word emails naturally or in the tone of a native speaker. This is a tip off that you are being phished. Experts suggest going back to previous correspondence if you can and checking the style and tones against each other if you aren’t sure about the legitimacy of the email. Experts also suggest calling the party directly to ensure the correspondence is from them.

The Timing is Serendipitous

Hackers know when people are at their most vulnerable. This is generally during the holiday seasons and when important events are occurring. Most recently, spear-phishing scams stole the W-2 forms of several employees from various companies. The emails were masked to look like they were coming from the CEO, and requested copies of the W-2 forms. Because the emails appeared to be coming from a trusted source and were timed around tax season, employees happily sent off their personal information without thinking twice.

Tax season is a common time for scams. Emails that allege to be from the IRS or from your employer are likely phishing scams. Avoid these scams by following up via phone to verify that information needs to be sent. The IRS will never email you looking for personal information, but if you do receive such an email you should report it.

Learn more about protecting yourself from fraud

Join our newsletter!

Latest posts

Vishing

What it is and how to avoid it
Read More

Are You Smarter than a Phisher?

5 Ways phishers can trick you
Read More

Phishing Attack

The first 6 steps you should take
Read More

Email Scams

Be aware of these 6 signs
Read More