Catch Phish If You Can

By on Sep 27, 2017

There are some movies you can watch over and over again. For me, it’s “Catch Me If You Can,” Steven Spielberg’s 2002 crime film based on the life of con artist, Frank Abagnale. Abagnale, portrayed by Leonardo DiCaprio, poses as a variety of professions (a pilot, a doctor, and a lawyer) as he forges checks all around world and steals millions of dollars. His attention to detail and ability to charm people are key elements of his schemes, which, as a security expert, reminded me a lot about phishing scams.

Frank convinced banks to give him money through fake checks, but hackers convince you to give up your information through fake emails and URLs. These emails and URLs are nearly identical to emails you might receive from your bank or insurance carriers and often ask you to “confirm” your sensitive information.

Phishing scams also utilize social engineering, a technique DiCaprio’s character used perfectly to his advantage throughout the film. Time and again, Abagnale uses his ability to charm people into trusting him in order to get what he wants; a bank account, a pilot’s uniform, and even a fiancée. Cybercriminals do the exact same — they rely on people’s trusting demeanors in order to get what they want, which in their case is their victim’s personal information.

While there are many comparisons between Frank’s conning tactics and today’s scams, it’s important to remember that the resources and attacks vectors available to today’s criminals have expanded. Even though Frank was successful, he was still limited compared to today’s tech advancements. Digitization has opened new doors for hackers, especially when it comes to mobile devices. In fact, it’s been reported that mobile devices users, specifically iOS devices, are the biggest target for mobile phishing attacks.

So how can you catch these attempts to steal your information? We’re glad you asked.

  • How much is too much? If you’re being asked for too much information, be cautious.
  • Address unknown: Before logging into an account, make sure it has the correct web address.
  • What’s in a name: Do you recognize the sender’s name and email address? Does the company’s email match others you’ve received? Check these before responding!
  • It’s ok to hover: Before you click that link, hover over it to see if the URL address looks legitimate.
  • Is it too good to be true? “Free” offers, or deals that sound out of this world probably are. Avoid these like the plague.
  • Security is key: Always use comprehensive security software to protect your devices and personal data from malware and other threats that might result from a phishing scam.

Remember, as great as movies are for entertainment, reality is much more serious. Always be cautious and protective when it comes to your personal information. Keep up to date on best practices and latest security updates.

Interested in learning more about mobile security tips and trends? Follow @McAfee_Home on Twitter, and like us on Facebook.

"metadata": {
"id": "0ff182d9-216b-46a5-9f8a-05e80abbbd88",
"version": "1.0",
"ep": "ta",
"lang": "en-us",
"original-url": "",
"author": "Radhika Sarang",
"author-page": "",
"category": "Consumer Threat Notices",
"draft": "false",
"authordetail": "Radhika Sarang currently serves as Director of Global Consumer Product Marketing at McAfee, and has worked in a strategic marketing capacity for top tier high tech companies since 1998. Prior to joining McAfee, Radhika led product marketing for Nokia’s social location consumer division, and also served as the Sr. Product Manager for Palm’s WebOS devices.",
"tinyimage": "",
"feedimageurl": "",
"pubDate": "Fri, 27 September 2017 12:35:48 +0000"

About the Author

Categories: Trusted Advisor

Subscribe to McAfee Securing Tomorrow Blogs