When Katie Hall received a Facebook message from an old friend with a link to a video she was apparently in, she didn’t think twice about clicking.
“Although I hadn’t been in touch with this person for ages, it was plausible he might have a video with me in it. We’ve known each other since we were babies and I’m 63 next Saturday” she said.
Without realising it, Katie had been phished.
“I was embarrassed and annoyed that I may [have] caused people I like an inconvenience or possibly worse.”
Phishing involves a cybercrime actor sending mass emails, texts, or messages with a malicious link, usually under the guise of a person you may know that has already fallen for the hack. The purpose is to gain access to your private information, usually for financial gain.
And it’s seen an incline in reports in Australia just this year.
In April, the Australian Cyber Security Centre (ACSC) reported a new trend in online phishing scams with cybercriminals taking advantage of the COVID-19 pandemic.
A common phishing hack has inundated vulnerable Australian’s with messages, emails and automated calls pretending to be the government with links to payment relief, or important COVID-19 information.
The Australian Competition and Consumer Commission’s (ACCC) Scam Watch have reported over 3,900 coronavirus related scams and over $3.1 million lost since the beginning of the outbreak.
According to Scam Watch, those most likely to fall victim to phishing attacks so far in 2020 are people over the age of 65.
Overall, Victoria and New South Wales have reported the most phishing hacks and total amount lost since 2017. Most notably is last year’s amount lost for Victoria, which more than doubled in twelve months.
Victoria has already recorded 19,768 reports this year and $784,382 lost to phishing attacks.
Although cybercriminals are getting smarter, researchers at the CSIRO’s Data61 and University of NSW are working hard to develop a compression based algorithm to detect phishing scams before they can do any damage.
The article from CSIRO explains “the PhishZip algorithm uses file compression to distinguish phishing websites from legitimate ones”.
PhishZip is still in the works, but once finalised the web service will be able to detect and block phishing websites before users can be hacked.
As for Katie, she’s just glad she’s “fulfilling the parental role of being a source of amusement for my adult children” who found it “hysterical” Katie fell for the phish.
Featured Image: SARAH OLIVER