According to estimates, approximately 760 people, or more than two per day, are killed by their partners. Most of the victims are women.1 Making matters worse, abusers use “stalkerware” to track their victims online, cutting off sources of income, isolating them from friends and family, and otherwise trying to control every aspect of their lives.
No surprise, phishing is often the spearpoint for installing stalkerware. That’s why I’m appearing this Thursday, October 11, at the 2018 Domestic Violence and Security Conference in Washington, DC, sponsored by Operation: Safe Escape, a non-profit program that empowers victims. I’ll be drawing on Cofense™ expertise to share tips for spotting phishing, so attendees can spread the knowledge and protect more lives.
Phishing 101: Equipping Targets with Knowledge
By learning the basics, people targeted by domestic abusers can defend against phishing emails:
- Learn to identify phishes
- Exercise caution with embedded links
- Know the dangers of downloading any suspicious files
- Keep software up to date
- Back up files regularly in case of ransomware encryption
At the conference, I’ll be covering malware—what it is and why it’s so dangerous—along with spear phishing, malicious links, the risks of public browsing, and more.
Even those who don’t attend can learn to protect themselves. For example, it helps to know that phishers disarm their victims with personal details, using full name, mailing address, Tax ID, phone number, bank account numbers, you name it.
Domestic abusers also scavenge social media to polish their lures. They might mention family members, for instance, to trick targets into downloading an attachment or clicking a link, which in turn might install malware to harvest logins and personal data.
Sometimes, the target is hit with a double-barrel attack. A first highly personalized email tells the recipient to expect a second email with a document attached. The second email follows with an attachment to unleash malware and misery.
How Would-Be Victims Can Spot a Phish
The same rules we teach in the workplace apply to your personal life. Check the email sender—is it someone you know or would expect to send you a personal message? And think before you click or take any action. Above all, never hand over sensitive information via email.
If you read an email closely, you can probably get a sense of its authenticity. Are there spelling or grammatical errors? Does the tone seem right or do you have a gut feeling something is amiss? Pay attention to simple clues.
To become more phishing-aware, check out this Cofense blog series. And visit Operation: Safe Escape to learn how the program helps victims safely leave domestic abusers. And visit Operation: Safe Escape to learn how the program helps victims safely leave domestic abusers.
All third-party trademarks referenced by Cofense whether in logo form, name form or product form, or otherwise, remain the property of their respective holders, and use of these trademarks in no way indicates any relationship between Cofense and the holders of the trademarks.
- Lois Beckett, “Domestic Violence and Guns: The Hidden American Crisis Ending Women’s Lives,” The Guardian, April 11, 2017.