How are phishing scammers behaving?

Hackers are everywhere - they lurk online and target just about anyone, without discrimination. There aren't many indicators to let people know who is attacking them with a phishing scam, or at least there haven't been in the past.

Recent developments have started to show that hackers are not only becoming less afraid of releasing their names, they're also being smug about it.

Phishing to become a celebrity

Generally, the phishing schemes of the past have been covert operations that don't reveal a whole lot about who is behind the attack. However, recent information from Symantec Security Response has uncovered a "brag tag" that is included by the hacker and gives a name, website and YouTube channel(1).

It seems as if people that are targeting consumers through phishing email scams are now leaving a calling card that advertises their product and procedures they go through on video blogs.

The first instance of this came up on an Amazon.com phishing scam website(1), which showed the attack was given a title ("Scama Amazon 2016") and linked to the hacker's blog.

While the YouTube channel itself had only five videos according to Symantec, and each was viewed only 100 times, the comments left by viewers indicated that there was a keen interest in sharing phishing techniques and programs in order to make the industry more invasive(1). YouTube itself has over 1 billion users(2), and around 80 per cent of all views on videos are from outside America(2). It is clearly a popular platform for social and advertising use, but is it becoming more dangerous for sharing hacking information?

Prevent phishing, even from the best hackers

Some of the most simple ways to stop a phishing attack affecting your identity and sensitive information include not opening up emails or links from sources users don't know or trust, as well as using two-factor authentication when logging into email accounts and other social media profiles.

Phishing scams are becoming much easier to operate(1), and that's partly to do with the accessibility of various phishing kits that require little to no expertise to function, but can still cause serious damage to digital users(3). Even from February 2015, hackers have been boasting about their exploits online within the scamming community(3), and that's a worrying trend that could cause enhanced popularity for attacks.

Have you been affected by a phishing scam? Get in touch with Identity Watch today and see how its services can protect your sensitive information.

1. Symantec Security Response. Accessed April 2016.

2. YouTube. Accessed April 2016.

3. Symantec Security Response (2). Accessed April 2016.