Cyber security is everyone’s responsibility and it’s important to take steps to safeguard both your personal and company information. In this blog post we’ll explain several types of phishing attacks, how they work, and how to protect yourself from them.

Like phishing, vishing, smishing and quishing aim to trick you into providing your personal or financial information or installing malware on your devices. These attacks can have serious consequences, such as identity theft, fraud or data breaches.

What is a phishing, vishing, smishing and quishing attack?

Phishing is where attackers send emails that look like they come from a legitimate source like a bank or government agency. These emails usually contain a link or attachment that directs you to a fake website or downloads malicious software on your device. The goal is to get you to enter your login credentials, credit card details or other sensitive information.

Vishing is a type of phishing that uses voice calls instead of emails. Attackers call you and pretend to be someone you trust such as a customer service representative, a tax officer or police officer. They may ask you to verify your identity, confirm a transaction or pay a fine. They may also try to persuade you to visit a fraudulent website or download a malicious app.

Smishing is a type of phishing that uses text messages (SMS) instead of emails. Attackers may send you texts that look like they come from legitimate sources, such as your bank, your mobile service provider, or a delivery service. These texts may contain a link or a code that directs you to a fake website or installs malware on your device. The goal is to get you to enter your login credentials, credit card details or other sensitive information.

Quishing is a type of phishing that involves tricking someone into scanning a QR code using a mobile device. These QR codes appear legitimate, like the ones found on product packaging, social media, flyers and brochures or in public spaces. These malicious QR codes may redirect you to fraudulent websites. Like other types of phishing the goal is to obtain your personal or financial information or install malware on your device.

How to protect yourself

The best way to protect yourself from phishing, vishing, smishing and quishing attacks is to be vigilant and cautious when receiving any communication that asks you to take an urgent action or provide information. Here are some steps that you can take to protect yourself from these attacks:

• Do not click on links or open attachments from unknown or suspicious sources.
• Do not give out personal or financial information or any passwords to someone who contacts you unsolicited.
• Verify the identity and legitimacy of the sender or caller before responding.
• Install and update anti-virus software, firewalls, and email filters to protect your devices and networks.
• Disable automatic downloads and install an ad blocker to prevent malicious software from infecting your browser.

Phishing, vishing, smishing and quishing are serious threats that can compromise your personal and company security and privacy. By following these tips, you can reduce the risk of becoming a victim of these attacks and protect yourself from cybercriminals.

Useful links

Stay safe online: https://www.cyber.gov.au/acsc/cyber-security-awareness-month-2022

IDCare (available in Australia and NZ): https://www.idcare.org/

Have I Been Pwned: https://haveibeenpwned.com/

Report a scam: https://www.scamwatch.gov.au/report-a-scam

Report a cybercrime: https://www.cyber.gov.au/acsc/report

Virus Total: https://www.virustotal.com/gui/home/url

Request a ban on your credit report:

Experian: https://www.experian.com.au/consumer/request-a-ban

Equifax: https://www.equifax.com.au/lp/protect-your-identity

Illion: https://www.illion.com.au/illion-au-ban-request-application-form/

Fun videos:

James Veitch: This is what happens when you reply to spam email | TED Talk

What is Your Password? | YouTube