September 21, 2023
Fairview is noticing an uptick in phishing reports by clients. There are several different forms of phishing that have emerged with the development of new kinds of technology and social media. In particular, quishing (QR code phishing) attempts have increased recently. It’s important for users to be aware of all the different forms of phishing to avoid potential threats.
The current phishing campaign involves the following steps:
A Captcha may look like this:
To avoid these kinds of attempts, exercise caution when clicking links from emails. Always be cautious when clicking on links where it asks you to login, even if it originates from someone you know and trust since the sender may be compromised.
Here is an example of how this phishing campaign may look:
Tips for Avoiding Phishing Attempts
The most effective way to avoid phishing forms is to avoid clicking a link, QR code, etc. Bookmark login pages for your commonly used accounts and use those rather than clicking through a link. Fake emails, texts, and voicemails have become sophisticated and appeal to users’ emotions. If something seems suspicious, it probably is.
Below are some common signs to help identify phishing campaigns:
And remember: Never forward or reply to a suspicious email or text. Try to independently verify it or simply delete it. Use your firm’s reporting methods, such as using a phishing alert button to flag potential phishing emails for investigation and quarantine. Contact your IT provider with any questions.
Still have questions? Fairview Cyber offers turnkey solutions that address SEC requirements for cybersecurity, and our team of regulatory experts are available to answer any questions you may have regarding training, phishing, and vendor due diligence. To learn more, visit our Cyber Solutions page or contact us if you’d like to speak to one of our regulatory experts.