A United States telecommunications provider fell victim to a data breach after a hacker was able to access customers’ personal details by impersonating a support agent.
Customers of Cox Communications have recently received letters notifying them that an unknown person or persons had impersonated a support agent to access customer details.
At the time of writing, few further details were available about this incident. However, it seems likely that criminals used social engineering tactics to gain access to the systems in question. In writing to its customers, the company listed a range of personal details that “may have been viewed.” Still, it didn’t disclose whether financial information or passwords were at risk. However, Cox did advise customers to monitor their financial accounts and offered a free one-year subscription to Experian IdentityWorks for those affected.
Phishing is likely the more significant risk – would you know what to look out for?
Among the personal details that may have been viewed were telephone numbers and email addresses.
While the data available to the hackers involved could be used to facilitate identity theft – hence Cox’s offer – it’s likely that phishing is a far more significant risk.
While this incident occurred in the United States, something similar could easily happen here in the UK, and phishing is already widespread anyway.
Do you know what to look out for and how to keep yourself safe from fraud?
What is phishing?
Phishing is when cybercriminals send you an email impersonating a well-known business or brand. These emails will often be asking you to log-in to secure your account, to make a payment, or to reconfirm your payment details. Sometimes, the links they contain may also download malware onto your device without you realising it.
Phishing has become increasingly sophisticated in recent years, with cybercriminals able to produce emails and copycat websites that look almost identical to their legitimate counterparts, making it exceedingly difficult to tell when you’re being scammed. What’s more, because data breaches are becoming more common, the chances that you’ll receive a phishing email from a hacker posing as a company where you have an account or have made a purchase from in the past are also higher than ever.
Phishing is also known as smishing when done via text message rather than email.
How to avoid being a victim of phishing or smishing
The short answer is to remain vigilant.