Spear Phishing Risks

It is not uncommon to hear of spear phishing and hacker stories who broke into some company systems and stole many of their client names, emails and other personal information. And you may wonder what can I do? This is out of my control. But you may be wrong with this kind of limited thinking. First, you can avoid sharing your personal information with others unnecessarily. Second, even if you realize you already shared your email address with many online companies, you can still opt out of their mailing list. Of course, they can still retain your information, email you again, or even share your information with others even if you opt out, but, by taking action to remove your name and personal information, you reduce your risk and every bit of risk reduction is a good thing.

There are also those cases where your personal information is collected from various sources, processed, analyzed, packaged and sold without your approval. You may or may not be aware of where your information might exist and in what form and I doubt that everyone knows exactly which company owns how much of their information and in what formats. Thus, as a matter of precaution, it is important to stay abreast of the latest hack attacks and stolen information. It is also prudent to be cautious when responding to emails which might appear to be coming from legitimate sources. You see, stolen personal information might be used in a variety of creative ways to commit identity fraud and one of such criminal ways might be to use stolen emails and names to obtain account IDs and passwords. You may have heard of or even seen emails appearing to be from a legitimate source like your bank which asks you to update your personal information by clicking a link because the bank suspects your account was emptied by identity thieves. But in fact, your account gets emptied when you click the link and enter your account ID and password. This is called phishing but when pieces of personal information such as name, date of birth and address are used with phishing to lure people into revealing more personal information such as their account ID and password, it becomes spear phishing and it is very dangerous because people tend to trust the phishing email even more when they see some of their personal information in the email and this is why spear phishing is much more dangerous because it entices people to voluntarily give away their most intimate information like account pass codes.

To reduce your risk of spear phishing and identity theft, follow these simple rules:

  1. Be suspicious of good looking emails appearing to be sent from legitimate companies which include some of your personal information and ask for your ID and passwords. Often, these emails which warn you of a disaster to scare you are well designed and include the logo of the bank and some of your personal information to fool people. Just remember that a bank will not ask for your ID and password if they suspect your account is hacked. They will simply freeze and flag the account for further investigation and someone will call you to explain the case.
  2. Use different IDs and passwords for important accounts. This is also very important because if your information is stolen for one account, then all other accounts also can get accessed by thieves.
  3. Stop being identity obese and stop sharing your personal information with just anyone. We all realize at some point that we have excessively shared our information with others but it's never too late to stop the sharing trend.
  4. Opt out and unsubscribe from marketing lists. When you receive emails, you must be allowed to opt out of the distribution list and remove your email address by law. If it doesn't work the first time, keep unsubscribing until it works. You have nothing to lose.
  5. Ask your banks and other companies you do business with to stop sharing your information with others. This is your right under privacy laws. Read the privacy letters your receive in the mail carefully and use the instructions to opt out.

Read other identity theft prevention articles after spear phishing.

Identity Management Certifications

Identity Theft Courses