Level up your security awareness training to human risk management with comprehensive cybersecurity training.
Prank phone calls have been around since the invention of the telephone.
Now, prank phone calls are evolving into a dangerous, serious form of harassment known as “swatting.”
In recent years, this malicious trend has surged globally, with the United States leading the way as a target victim location. High-profile individuals within organizations (like C-suite executives or high-level directors), politicians, and even average consumers are all being targeted daily.
So, what is swatting and how can you protect yourself against it?
Swatting earned its name as a result of the Special Weapons and Tactics (SWAT) teams often deployed following a hoax call to report a serious crime to emergency services. Initially, the goal of swatting was to get authorities to dispatch SWAT to respond to a false emergency. FBI records indicate swatting has been around since the early 2000s. Its recent surge in popularity combined with new, evolving tactics is what’s concerning. The false emergencies reported are no longer just to prank a police department. Criminals are not aiming to catch their victims off guard by turning them into the suspect. Very detailed personal information and location of a “suspect” who made a bomb threat or kidnapped a child, is holding someone hostage, or even witnessed a fake murder, are aimed at eliciting a physical response and bringing the victim into the crosshairs.
The Danger of Swatting
Swatting is no longer just a “harmless” prank that wastes public resources; it carries more severe consequences. Unaware victims and response teams are engaging under the assertion of confusion and validity respectively. There have been instances where physical harm has occurred as a result of swatting schemes. Even in instances where the situation is diffused quickly, the misappropriation of resources can divert action from responding to a real crime and is often an additional layer to these schemes. Technological advancements have complicated these schemes even more.
Today’s swatters use sophisticated techniques like ID spoofing and voice changers to conceal their real identities, email and VPN masking, and social engineering schemes, making it challenging for law enforcement to track their actions.
Anyone can be a swatting victim. Swatting is no longer used to target just celebrities, politicians, and corporate executives. The shift and focus on organizations as a whole and trying to bring reputational damage to a company or institution, or even target customers or clients maliciously impersonating an organization, highlights the need for heightened awareness and vigilance.
Swatting Prevention and Protection
Preventing swatting requires proactive steps to protect personal information and a holistic incident response plan inclusive of how to handle a fake situation or accusation. Security measures to employ on the digital front include hiding your IP address using a VPN, implementing two-factor authentication (2FA), protecting your privacy on social media by limiting who can see your profiles and accounts, and staying informed about current social engineering tactics. These fundamental cybersecurity strategies play a crucial role in mitigating the risk of swatting targeting you directly.
If you find yourself in what you think may be a swatting situation or social engineering scheme, stay calm and cooperate with authorities. Law enforcement has to treat every situation as though it is real. Don’t let your confusion and innocence lead to escalating actions and help to diffuse by cooperating and allowing for sorting it out properly so the real criminals can be found. Report any threats of swatting to help prevent future incidents and provide a record for response teams.
The Bottom Line
Swatting brings together technology and malicious intent. It’s the ultimate tool at the disposal of cybercriminals in today’s landscape. The panic and confusion it causes can allow for a real strike to take place by distracting and disorienting everyone involved and preying on targeted victims. It’s a serious threat to individuals and organizations alike. As this trend continues to evolve, the importance of staying informed, adopting proactive preventive measures, and having a clear response plan rises. By understanding swatting and taking proactive steps, we can collectively work toward safeguarding against this alarming form of cyber harassment.
Running simulated phishing tests will determine your employees' susceptibility to social engineering and phishing scams. Train your employees and help them identify spear phishing and ransomware attacks.
As Valentine's Day approaches, we want to keep you safe from falling victim to the deceptive tactics cybercriminals utilize during the season of love.