The closure of 180 websites responsible for an income tax ‘phishing’ scam over the past three months represents another stage in the ongoing rise of ‘the social engineer’.
The scale and sophistication of the tax phishing scam just demonstrates the lengths at which hackers will go to obtain information. It is not just the easily fooled that are lured in. The simple fact is that people won’t always recognise a bogus email or an unauthorised website.
By playing on an emotive topic like child’s benefits or personal finance and offering people the opportunity to reclaim some cash, coupled with the disguise of a trusted name, scammers are tapping in to an instant source of information – which they can then harvest and use for malicious purposes.
With the financial risk of people losing money from these scams, banks and organisations have a responsibility to enhance their security measures to mitigate against unauthorised access to funds. Organisations are now moving towards a more proactive security model to help protect against. People and organisations need to wise up and get smarter to these scams.