What is Phishing? A Look at One of Cybercrime’s Favorite Tactics
This is one of the most common types of cyber fraud that has been going on for decades. The Modus Operandi in such crimes is to email/SMS/call unsuspecting persons, preferably senior citizens, pretending to be from some bank.
What is Phishing ?
Phishing is a method of trying to gather personal information using deceptive e-mails and websites.
Phishing is a type of social engineering attack often used to steal user data, including login credentials and credit card numbers.
Phishing is a type of cybersecurity attack during which malicious actors send messages pretending to be a trusted person or entity.
What are the different types of phishing?
1.Spear Phishing.
2.Whaling.
3.Vishing.
4.Email Phishing
5. A man in the middle attack
* Spear phishing.
Spear phishing is an email or electronic communications scam targeted towards a specific individual, organization or business.
highly targeted form of phishing, spear phishing involves bespoke emails being sent to well-researched victims. It is hard to spot without close inspection and difficult to stop with technical controls alone..
* Whaling Phishing
A whaling attack, is also called whaling Phishing it is a specific type of phishing attack that targets high-profile employees, such as the CEO or CFO, in order to steal sensitive information from a company.
* Vishing.
Vishing is a cybercrime that uses the phone to steal personal confidential information from victims. Often referred to as voice phishing, cybercriminals use savvy social engineering tactics to convince victims to act, giving up private information and access to bank accounts.
* Man-in-the-Middle Attack -
A man-in-the-middle attack involves an eavesdropper monitoring correspondence between two unsuspecting parties. These attacks are often carried out by creating phony public Wi-Fi networks at coffee shops, shopping malls and other public locations. Once joined, the man in the middle can phish for info or push malware onto devices.
Who is at risk of Phishing attacks?
Phishing can affect anyone of any age, whether in their personal life or in the workplace.
Everyone from the elderly to young children are using internet devices nowadays. If a scammer can find your contact information publicly, they can add it to their phishing target list.
Your phone number, email address, online messaging IDs, and social media accounts are harder to hide nowadays. So, there’s a good chance that just having one of these makes you a target. Plus, phishing attacks can be broad or highly targeted in the people they choose to trick.
How to stay safe from Phishing,
How to avoid Phishing scams..
Be aware — Knowing how these thieves operate can help you from getting scammed. Always remember that legitimate a business doesn’t make unsolicited requests for personal, sensitive, or financial information. Anyone who does this over the phone is probably trying to scam you.
1.Always check the spelling of the URLs in email links before you click or enter sensitive information
2. Never respond to emails/calls asking you to update or verify User ID/Password/Debit Card Number/PIN/CVV, etc. Inform your bank about such email/SMS or phone call. Immediately change your passwords if you have accidentally revealed your credentials.
3.Never provide your identity proof to anyone without any genuine reason.
4.Never click on any link in any e-mail to access the bank’s site. It is likely to be a phishing site that will direct you to an impersonating site and capture your banking credentials.
5. Don’t answer phone calls from unknown numbers — It is tempting to answer calls from unknown numbers. You might even if think, ‘What if it’s an emergency and someone needs me?’ Be aware that anyone who’s calling you with a real emergency will leave a message.
6. Don’t give your information to an unsecured site —
If the URL of the website doesn’t start with “https”, or you cannot see a closed padlock icon next to the URL, do not enter any sensitive information or download files from that site.
Originally published at https://inferius.in.