What is Phishing?

What is Phishing?

Like actual fishing, it’s no fun to be on the end of the hook. Phishing is defined as the fraudulent use of electronic communications to deceive and take advantage of users.

Phishing attacks attempt to gain sensitive, confidential information such as usernames, passwords, credit card information, network credentials, and more. By posing as a legitimate individual or institution via phone or email, cyber attackers use social engineering to manipulate victims into performing specific actions—like clicking on a malicious link or attachment—or willfully divulging confidential information.

Both individuals and companies are at risk; almost any kind of personal or company data can be valuable to the unscrupulous, whether it be to commit fraud or access a companies network. In addition, some phishing scams can target business data in order to support espionage efforts or spying on competitors.

Phishing Methods

Phishing attempts normally start with an email attempting to obtain sensitive information through some user interaction, such as clicking on a malicious link or downloading an infected attachment.

A good rule of thumb to avoid such scams is to consider the old adage of, “it’s too good to be true,” and to never click on links within emails. When it comes to attachments, asking colleagues to distribute them over file sharing platforms is safer and less susceptible to manipulation than emails which can easily be spoofed to look like they come from somewhere legitimate.

Using covert redirection, attackers are also capable of corrupting legitimate websites with malicious pop-up dialogue boxes that redirect users to a phishing website.

Infected attachments, such as .exe files, Microsoft Office files, and PDF documents can install ransomware or other malware.

Phishing scams can also employ phone calls, text messages, and social media tools to fool victims into providing sensitive information.

Advertisement
Deal of the Week at MacMall.com

Phishing Attack Types

Some specific types of phishing scams use more targeted methods to attack certain individuals or businesses.

Spear Phishing

Spear phishing email messages are targeted attacks and not at all random. Attackers will often gather information about their targets to fill emails with more authentic context. Some attackers even hijack business email communications and create highly customised messages.

Clone Phishing

Attackers are able to view legitimate, previously delivered email messages, make a nearly perfect clone copy of it and then change an attachment or link to something malicious.

whaling

Whaling

Whaling specifically targets high level users in a company, such as senior managers or directors. The content of a whaling attempt will often present as a legal communication or other high-level related content.

How to Prevent Phishing Attacks

It is important that you should educate employees to prevent phishing attacks, particularly how to recognise suspicious emails, links, and attachments. Cyber attackers are always refining their techniques, so continued education is essential.

Advertisement
Get 20% off AVG Internet Security Unlimited! Banking, browsing, shopping; extra protection for you.

What to look for in a typical phishing email:

‘Too good to be true’ offers
Strangely spelt sender names
Poor spelling and grammar
Threats of account shutdown, etc., particularly conveying a sense of urgency
Links, especially when the destination URL is different than it appears in the email content
Unexpected attachments, especially .exe files

It would be advisable to say that if anybody receives an email that they are at all suspicious about, should contact the IT department who can check the validity of the sender, the website links or any attachments.

Phishing is still a very popular cyber attacking method and can make the unscrupulous sender a large of money. Now we don't want that do we.
 

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or LinkedIn.

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.

back to top

Popular Help and Advice

How to Limit Facebook From Tracking What You Do

How to Limit Facebook From Tracking What You Do

13 January, 2020

You can choose to stop some of the web activity being used to target you with ads by visiting the YourAdChoices site run...

Cable Haunt Flaw Leaves Millions of US Modems at Risk

Cable Haunt Flaw Leaves Millions of US Modems at Risk

13 January, 2020

Multiple cable modems used by ISPs to provide broadband into homes have a critical vulnerability in their underlying ref...

What is a proxy server?

What is a proxy server?

09 January, 2020

A proxy server – is a computer on the internet which acts as a middle-man between your computer and the website or ser...

Americans still vulnerable to foreign hacking tactics, DOJ official says

Americans still vulnerable to foreign hacking tactics, DOJ official says

18 January, 2020

Because of the 2020 election campaigning, a senior Department of Justice official says he worries that Americans are sti...

What is a VPN tunnel?

What is a VPN tunnel?

04 December, 2019

VPN stands for Virtual Private Network and used to be used mainly by employees connecting to their company network remot...

Cyber Security A to Z

Cyber Security A to Z

03 November, 2019

The world of cyber security is wide-ranging and fascinating, and one that must adapt and move as quickly then those who ...

×

Sign up to keep in touch!

Be the first to hear the latest Cyber and Tech News straight to your mailbox.

Check out our Privacy Policy & Terms of use
You can unsubscribe from email list at any time