From Advanced Automation:
“Phishing” refers to the practice of sending emails mimicking a company to trick individuals into revealing sensitive information.
Here is an example using Amazon.com. We have seen a steady increase in fraudulent Amazon emails.
- The scammer creates an email that looks like it is from Amazon.com telling you that you have received a gift card for $50.
- A link in the email takes you to the Amazon login page. Code embedded in the email allows the scammer to record your Amazon login information.
- Since most people reuse login information the scammer will be able access many other of your accounts. The scammer can then place fraudulent transactions, bank transfers, file fraudulent tax returns or buy non-traceable gift cards.
From EOT: Similar methods using emails that appear to be from a trusted source are also used for ransomware attacks. This approach is sometimes referred to as “social engineering”. Automated malware prevention systems like anti virus apps can only do so much. Most system breaches such as the phishing scam described above have a human element. The scammer needs a human to casually click to gain entrance to the system. Team training – including the doctor – and security awareness are your best defense against social engineering attacks.
Reportedly in 2016 top rank administrators at the DNC fell for such a fishing scam, thus exposing numerous embarrassing emails related to the Hillary Clinton campaign.