Hi Guys,

Our users have asked us what an impersonation attack is, so I wanted to break it down for you and explain what it is, give you some examples of how people have been affected by this type of attack and also offer you ways to keep yourself safe.

An impersonation attack occurs when a cybercriminal pretends to be someone else to gain access to sensitive information or steal money. Here’s what you need to know about impersonation attacks and how to protect yourself against them.

What is an impersonation attack?

An impersonation attack can take many forms, but the most common types are phishing, spear phishing, and business email compromise (BEC). In a phishing attack, the attacker sends an email that appears to be from a legitimate source, like a bank or online retailer, to trick the recipient into providing sensitive information like login credentials or credit card numbers.

Spear phishing attacks are similar to phishing attacks but are more targeted. In a spear phishing attack, the attacker researches their victim to create a more convincing email. For example, the attacker might use information from the victim’s social media profiles to craft a believable email.

BEC attacks are a type of spear phishing attack that targets businesses. The attacker pretends to be a high-ranking executive within the company and sends an email to an employee in the finance department requesting a transfer of funds.

Here are three recent examples of how people have been affected by impersonation attacks:

  • A woman in the United States received an email from what she thought was her bank requesting that she update her account information. She clicked on the link in the email and entered her login credentials, only to find out later that the email was a phishing scam. The cybercriminals used her credentials to access her bank account and steal thousands of dollars.
  • A man in the UK received an email from someone claiming to be his boss, requesting that he transfer a large sum of money to a foreign bank account. The email appeared to be from his boss’s real email address, and the man didn’t think twice about carrying out the transfer. It wasn’t until he spoke to his boss later that day that he realized he had fallen victim to a BEC attack.
  • A student in the US received a message on social media from someone claiming to be a popular celebrity. The imposter promised the student that they would receive a large sum of money if they sent some money to cover processing fees. The student sent the money, but never heard from the imposter again.

How can you protect yourself against impersonation attacks?

There are several steps you can take to protect yourself against impersonation attacks:

  • Be suspicious of unexpected emails – If you receive an unexpected email from someone you don’t know, be cautious. Don’t click on any links or download any attachments without first verifying that the email is legitimate.
  • Look for red flags – Watch out for red flags like misspellings, poor grammar, or a sense of urgency in the email. These are all signs that the email may not be legitimate.
  • Verify the sender – Check the email address of the sender to make sure it matches the domain name of the company they claim to be from. If in doubt, contact the company directly to confirm the legitimacy of the email.
  • Use two-factor authentication – Enabling two-factor authentication on your accounts can help protect them from unauthorized access.
  • Educate yourself – Stay up-to-date on the latest phishing and impersonation tactics, and educate yourself on how to spot them.

If you are ever in any doubt, you can contact her privacy care experts, who will be able to give you advice. Don’t hesitate to contact us at any point of the day or night or with any concerns you might have. Her team are always on standby 24 hours a day, seven days a week, so please do not hesitate to contact us if you need it.

All the best, talk to you soon,

Max Roberts