PHISHING ATTACK CAN BE DANGEROUS
Phishing is one of the oldest types of cyberattacks that can lead to online banking fraud, and it remains one of the most dangerous virus that affects our internet security almost a third of all breaches in the past year were related to phishing, according to a 2019 Verizon report.
And lately, much of the debate surrounding the significant rise in coronavirus-related scams has to do with phishing.How
Much Do We Really Know About Phishing?
We dove deep into the history of phishing, to learn about
the most common types of phishing campaigns to watch out for now, and to learn
how to protect against them.
Phishing attacks are the fraudulent attempt to obtain
sensitive and personally identifiable information (PII) from companies or the
general public. Examples of PII are user names, passwords, and credit card
information. Violators often disguise themselves online by acting as a trusted
entity, persuading their victims to turn over their information.
Social
Engineering Techniques Used In Phishing
The main thing to keep in mind with phishing campaigns is
that they are a social engineering technique that goes to the extreme of real
private detective work to prepare phishing campaigns against company managers
or CEOs (spear phishing) to make them sting.
This means that the scammer is deliberately using something
to lure his victims, whether it's a link on a web page to a fake news story
designed to generate outrage, or a fake email posing as the victim's bank,
which they are encouraged to click on a link that leads to a website controlled
by the scammer.
Types
of Phishing
Here are some types of phishing and examples of how they
would work in practice:
Vishing
/ Smishing: These are two examples of phishing vectors.
Vishing refers to "voice phishing", where social engineering is
implemented through a telephone system, with a scammer trying to convince the
victim to transfer money from their bank account or to hand over PII,
jeopardizing their account. Smishing refers to SMS or text spoofing, often
attempting to persuade the victim to click on a malicious link.
Spear
phishing: Another vector, where specific people or companies are
attacked using personal information that the scammer has already obtained
through social engineering techniques, to increase the probability of success
of the fraud. For example, a scammer may find out which bank a person has an
account with and pose as an employee of the bank to try to convince them to
give up more personal information, such as certain account information. Sometimes
the offender will claim that there has been a security breach and advice their
victim to transfer funds to an alternate "holding" account (which, of
course, will be controlled by the scammer himself).
Whaling: It is
basically spear phishing, but aimed at higher profile victims such as C-level
executives or celebrities. For example, CEO fraud (referred to by the FBI as
Business Email Compromise), which occurs when scammers impersonate or
compromise, through computer intrusion or social engineering techniques, email
accounts belonging to executives of the company, to convince employees to make
unauthorized transfers.
Clone
phishing - Occurs when legitimate email, from an authentic source,
has its contents stolen and used to create a nearly identical or completely
cloned email. Sometimes the hacker sends your email stating that you are
forwarding an older message or that you are distributing an updated version of
the original. However, this time, the email may include a malicious attachment
or misspelled URL link that mimics an authentic website, but instead directs
the individual to a website created by the scammer.
Why
Is Phishing A Problem?
Phishing gained notoriety in the 1990s as a way to scam people's money by scammers. American companies were reported to be losing about $ 2 billion a year to phishing attacks against their customers, and the practice of phishing was recognized as a fully organized part of the black market. As time goes by, the problem is growing. To stop this problem from getting big enough we should use some major steps and to keep ourselves safe by having total security from these types of threats and criminal activities that may take away all our information.
To solve all the problems related to phishing you can use this best total security software
Comments
Post a Comment