Phishing

What is Phishing?

Phishing is a type of social engineering attack in which the attacker impersonates a person or a legitimate institution to trick the victim into revealing sensitive information, which ultimately enables the attacker to deliver a payload. It is often the first step of a larger attack: APTs use it to gather employee login credentials or to trick employees into downloading and executing malicious scripts.

Delivery

There are many ways attackers attempt phishing, and as technology advances the number of attack vectors keeps growing. According to Proofpoint’s 2021 phishing report, around 80% of organizations fell victim to phishing. Let’s look at some common modes of phishing attacks.

Email Phishing

One of the most common ways to get phished is by email. In this scenario, an attacker uses a fake username or domain name to trick the user. At first glance, neither the email body nor its subject looks malicious. But if you look carefully you would see such an email coming from “[email protected]”. A quick Google search will tell you this is not the email address of Amazon support. This kind of email creates a sense of urgency that leads the victim to fall for the phishing attempt.

Spear Phishing

Attackers often search social media sites to gather information about employees of the target company. When attackers try to phish a specific person, it is considered spear phishing. They gather details such as the victim’s name, job title, email address, location, hobbies and other information to craft a believable phish. In the picture, we can see the attacker addressing the victim by name, impersonating someone from the company, and presenting the request as an urgent issue.

Smishing

We all use smartphones, and they have become a part of our lives, which is why SMS is one of the most popular channels for phishing. A phishing attack delivered by SMS is called smishing. In the example, the message claims to come from “Apple Support”, but if we look at the link in the message it clearly does not point to an Apple domain.

Vishing

We receive spam calls almost every day. During the call, the attacker uses social engineering to trick you into giving up your banking information, username, password, or even critical information about your company. Usually they rely on scare tactics to get sensitive information out of you.

Clone Phishing

Attackers often clone a website and trick victims into believing the clone is the legitimate site. The cloned website is usually almost identical to the real one, which makes it very hard to identify as fake. In the picture you can see a page that looks like a legitimate Amazon login page, but the URL is “www.amazonn.com”, whereas the legitimate Amazon URL would display as “www.amazon.com”. If you don’t look carefully, you will fall for this type of phishing attack.

How To Prevent Phishing?

To protect yourself from a phishing attack, you need to learn how to identify one. Here are some tips to identify a phishing attempt and keep yourself protected.

  • Check if the email or SMS has spelling or grammar mistakes.
  • Read the email header to confirm the message really comes from the person it claims to be from.
  • Look out for fake invoices.
  • Be wary of emails that demand you to take urgent action in the form of clicking a link, or downloading a file.
  • Be on the lookout for calls/messages/emails that request your credentials or other sensitive data.
  • Ignore messages that have malicious attachments, and block the sender.
  • Ignore communications that promise you a substantial reward or money for your cooperation.
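The “look at the URL” checks above (the “www.amazonn.com” clone and the smishing link that does not point to Apple) can be automated on the defender side. The following is an added example, not code from the original post: it extracts links from a message and flags hosts that are a small edit away from a protected brand domain, or that embed the brand name inside an unrelated domain. The protected-domain list and the two-label “registrable domain” heuristic are assumptions; a production tool would use the public suffix list.

```python
import re
from urllib.parse import urlparse

# Assumed list of brand domains the organisation wants to protect (constructed).
PROTECTED_DOMAINS = ("amazon.com", "apple.com")

URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)


def levenshtein(a: str, b: str) -> int:
    """Edit distance; 'amazonn.com' vs 'amazon.com' is 1."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def registrable_domain(host: str) -> str:
    """Naive heuristic (assumption): keep the last two labels of the host."""
    labels = host.lower().strip(".").split(".")
    return ".".join(labels[-2:])


def classify_url(url: str) -> tuple:
    """Return (verdict, matched_domain): legitimate, lookalike or unknown."""
    host = (urlparse(url).hostname or "").lower()
    domain = registrable_domain(host)
    if domain in PROTECTED_DOMAINS:
        return "legitimate", domain
    for brand in PROTECTED_DOMAINS:
        brand_name = brand.split(".")[0]
        # Brand name buried in a foreign host, e.g. apple-id.verify-now.example
        if brand_name in host and domain != brand:
            return "lookalike", brand
        # Typosquat: one or two character edits from the real domain
        if levenshtein(domain, brand) <= 2:
            return "lookalike", brand
    return "unknown", domain


def scan_message(text: str) -> list:
    """Classify every URL found in an email or SMS body."""
    urls = [u.rstrip(".,);") for u in URL_RE.findall(text)]
    return [(u,) + classify_url(u) for u in urls]
```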

Reference

Proofpoint

IT Governance

Norton

Cofense


Updated: 18-09-2022