Both these case studies are a game of cybercrime job fishing. Actually, fishing is the way fish is caught by hooking a grain. Similarly, you are trapped in different ways by sending emails through your details available on the Internet. So that more and more of your personal information can be collected. And they can be misused. In most of the incidents, their motive is extortion of money.
Now understand, how is phishing?
According to cyber experts, among the many methods of phishing, the most popular is spear phishing, which is done by specifically targeting a person. Email spoofing (creating an email ID in a format similar to the email format of a large company) is a tried and tested weapon of spear phishing. About 90% fixing is being done through this.
Theft for fishing happens from here
Cyber criminals steal your employment details from social media like LinkedIn, Facebook, Twitter, Instagram. You get a job or interview offer from a fake email id that looks like a real one, which initially looks just like the real one. Some emails also contain a link to the company’s website, which looks genuine but is not. If you reply to them, from there you start getting caught in phishing.
Completion process for ‘Job’
You are again asked for some information. Your test, interview is also taken. A fake offer letter will be sent to you. Till then during this whole process many of your personal information like address, past employment, account statement is taken. Many times, in the name of registration fee, some small amount is deposited online from you. The link given for that is a malware link which captures all your banking details and passwords while making payment. Your account is cleared in a jiffy without your knowledge. In other incidents, after giving you the offer letter, a huge amount is demanded, employment fees or foreign job offers, then visa fees and others are demanded.
How to avoid phishing in the name of job
Do not give any of your financial information in the greed of any job offer. See if you are being offered a salary more than your qualification. If someone is asking for advance money in the name of job consultancy, don’t get fooled by them. Protect your social media accounts, bank accounts, email accounts with Dual Factor Authentication.
Do not click on any unknown link received through any email or message. Provide your User ID and Password only on the authorized website. Check that the website address has https:// before it, not http://. Before replying to an email ID matching the name of a company, get more information about that company. Check the correct email id in the contact section. (For example, if [email protected] group.com is instead of [email protected], then understand that it is fake). Install anti virus software on your computer and mobile, always keep mobile security updated.
Report if you are a victim of job phishing
According to the police, if you have become a victim of job phishing, you can lodge a complaint with the nearest cyber police station. You immediately call 1930. This number is the centralized number of the cybercrime portal of the Ministry of Home Affairs. Also file a complaint on the cybercrime portal of the Ministry of Home Affairs at cybercrime.gov.in. Look carefully at the micro level differences like invisible dot, dash, slash, under scope.