Phishing attacks can lead to severe consequences, such as financial loss and identity theft. Therefore, understanding how phishing operates and safeguarding yourself is crucial for maintaining online security.
Types of Phishing Attacks
Phishing takes on various forms, each aiming to deceive users in distinct ways, as explained below:
-
Email Phishing: This is the most common type, where attackers send emails that appear to be from legitimate sources, urging recipients to click on malicious links or disclose personal information.
-
Spear Phishing: Targeted at specific individuals or organizations, spear phishing involves personalised content to enhance credibility.
-
Whaling: This is a specialized form of spear phishing that targets high-profile individuals, like executives or public figures.
-
Smishing: This is phishing via SMS (i.e., text messages), where attackers send messages containing malicious links or requests for personal information.
-
Vishing: Voice phishing is conducted over the phone, where attackers impersonate legitimate entities to extract sensitive information.
-
Clone Phishing: Attackers replicate legitimate emails, modifying them to include malicious content.
Understanding these different types of phishing attacks, complemented by following the precautions below, will enable you to effectively recognise and mitigate potential threats:
-
Verify the Source: Always verify if the message is genuinely from Funding Societies.
-
Avoid Clicking on Links: Instead of clicking on links in emails, manually navigate to CardUp's official website.
For example, if the email claims to be from CardUp, ensure the link begins with: https://cardup.my and not with e.g. https:://cardup.xyz.my
|
-
Look Out for Spelling and Grammar Errors: At CardUp we typically proofread our communications. Spelling mistakes or poor grammar can be indicators of a phishing attempt.
-
Evaluate Content and Tone: Phishing messages often create a sense of urgency, such as threats that your account will be locked unless you respond immediately. CardUp generally will not make such demands.
-
Contact Us Directly: Instead of using the contact details provided in a suspicious message, obtain CardUp's official contact information from our website and contact us directly to verify if the message is legitimate.