Phishing is the cyber attack of using fraudulent emails in an attempt to gain sensitive information about a victim. Phishing attacks are the practice of sending fraudulent communications that appear to come from a reputable source.
The attackers pretense as a trusted entity of some kind, often a real or person, or a company the victim might do business with. It’s one of the oldest types of cyber attacks dating back to the early 90’s and it’s still one of the most widespread and malicious techniques becoming increasingly advanced.
ATTACKERS GOAL
The goal is to steal sensitive data like credit card and login information ,that data can range from personal or corporate email address and password, to financial data such as credit card details or online banking credentials or even personal data such as date of birth, address and a social security number, or to install malware on the victim’s machine. The information is then used to access important accounts and can result in identity theft and financial loss.
Usually carried out over email – although the scam has now spread beyond suspicious emails to phone calls or voice messages called vishing ; social media, messaging services called smishing.
MALICIOUS ATTACKS THROUGH PHISHING
Phishing is also a popular method for cyber attackers to deliver malware, by encouraging victims to download a document or visit a link that will secretly install the malicious programs in attacks that could be distributing Trojan malware, ransomware, spyware or all manner of damaging and unruly attacks and anyone can be a victim, ranging from the Democratic National Committee in the run up to 2016 US Presidential Election to critical infrastructure or a commercial businesses and even individuals.
SOME WAYS TO AVOID PHISHING
- Think Before You Click – Do not click on links that appear in random emails and instant messages. Before clicking ensure where they are supposed to lead? A phishing email may claim to be from a legitimate company and when you click the link to the website, it may look exactly like the real website.
- Install an Anti-Phishing Toolbar – Internet browsers should be customized with anti-phishing toolbars. Such toolbars run quick checks on the sites that you are visiting and compare them to lists of known phishing sites. If you stumble upon a malicious site, the toolbar will alert you about it.
- Keep Your Browser Up to Date – Security patches are released for popular browsers all the time. The minute an update is available, download and install on your system.
- Never Give Out Personal Information – Never share your personal or financially sensitive information over the Internet. Most of the phishing emails will direct you to pages where entries for financial or personal information are required.
- Use Firewalls – High-quality firewalls act as buffers between you, your computer and outside intruders. It acts as a gatekeeper.
[…] Phishing […]
[…] Phishing attempts directed at specific individuals or companies have been termed spear phishing. Attackers may gather personal information (social engineering) about their targets to increase their probability of success. This technique is, by far, the most successful on the internet today, accounting for 91% of attacks. […]
very nice
So well explained