Phishing is one of the most common cyber crimes which are done by hackers. This is an attempt to obtain confidential information such as usernames, passwords and credit card details by disguising as a trustworthy source says William D King. Hence, many companies and organization train their employees to identify such emails which seem to be bogus and looks like they are sent from reliable sources.
What is Phishing?
Phishing is the attempt of gaining access to sensitive information by masquerading as a trustworthy entity in an electronic communication (e-mail). A phish email usually includes a link or some other method of sending your personal data/password etc. some reading this might say “phishing only happens on the internet”, but phishing can also occur over the phone, examples would be those who pretend to be from Microsoft support telling you that your computer has been infected with viruses so that they can gain access to your computer.
Phishing usually takes place over email where hackers send out mass emails with subject headers that are designed to entice the reader into opening the message when in fact they may contain links that appear legitimate at first glance but they are in fact malicious. These emails are being sent from fake websites that are similar to real sites in order for victims do not to notice the difference.
It is also possible for phishes to extract personal information by calling users of ISPs and asking them questions about their account or updating billing information on a service. The legal definition of Phishing in some countries is, any process by which an online phished sends an email purporting to be from an established business in order to fraudulently acquire personal information.
Types of Phishing Attacks: There are many different types of online phishing attacks, some of the most common ones are listed below.
1) Fake Login Pages –
This is one of the most dangerous types of phishing attack as it can allow unauthorized access to all information stored on the server. Hackers usually include a link in their email that redirects users to fake login pages. Which looks very similar or exactly like the original site that they wish to imitate for their own personal gain says William D King. When you enter your username and password into these pages. It is sent directly to them without any encryption (the process used by banks right now). This method relies on spear phishing where hackers target specific people. Who may be famous or work for rich companies like bank employees, government officials etc.
2) Fake Web Sites –
Hackers may set up fake websites that resemble the real ones. In order to obtain your sensitive information. Such as passwords and credit card numbers (phishing sites often ask you for this kind of information). They often make these sites look very convincing by using logos and images from the website. They are imitating and offering links where it appears. Like you will be automatically sent to the correct site but actually it is a phishing link. These fake WebPages can be difficult to identify unless you know what the real webpage looks like. Or some other means such as if the email message seems suspicious. Then there might be a chance that it is a phishing attempt.
3) Malware Attacks –
This is a well known type of attack which happens. When hackers attach a file To an email that appear legitimate to the user but once they click on it. Malware gets installed in their computer and cybercriminals gain remote access to the machine. In this way they can steal confidential information such as passwords or install key loggers. Which will make them able to obtain information from each time you enter your passcode into your computer.
4) Water holing –
This is another form of phishing attack where hackers create fake WebPages that resemble an authentic one. In order to trick people into entering their sensitive information into a fake page instead of the real one.
5) Mobile Phishing –
With an increase in usage of mobile devices by businesses and individuals. There is a corresponding increase in the number of attacks that target mobile devices. These types of phishing attacks use similar techniques to their web counterparts. And are generally directed at the data held on a smartphone or tablet computer. This can be used in order to access user’s sensitive information. Such as passwords which can be used in other types of attacks.
Phishing is one of the most common hacking techniques used. In order to break into people’s accounts explains William D King. This is why it is extremely important to take certain precautions. In order to stay protected against these kinds of attacks.