Skip to main content

What is Phishing Attack? Understanding Phishing and it's Types

Phishing is a method used by fraudster for stealing valuable personal data from a user. It is generally done by sending emails or creating fake websites. One of the most common attacks that we see on cyberspace is phishing and it is rapidly growing cyber threat. To get the personal information from people attacker send a fraud email to large no. of people and few might fall for the scam. The attacker will ask the victim to provide their sensitive information like credit card information, social security number or username, and password. Phishing is one of the most common cyber-attack it is very easy to do, and it also doesn't require much resources and time. Most of the phishing act are automated and the done in a bulk and they wait for the victim to put their information.  The attacker will create a fake login form, malicious files or personalized message and send the victim to take the action on their email. If it reaches up to the victim, then they might think that the email is legitimate, and they might put their personal info and the attacker will use the credential for their own benefit.  
More than 60% of cyber attacks are associated with phishing and social engineering.
Cyber-attack can be active or passive, we can say that phishing is a passive attack. Phishing is a continual attack and most of the attack is done on social media like Facebook, Twitter, and Instagram. The phishing email will contain a link to the fake website which will look exactly like the legitimate website. Phishing is also called brand spoofing because in this attack attacker is making a fake website of the original one. The attacker is looking for a new niche to attack from where they can gain a lot of profit. Before they used to steal iTunes account information but these they are moving to cryptocurrency platform [1]
Most of the cyber-attacks start with phishing because there is a chance that many people will fall for phishing scam easily. 91% of cyber attacks start with the phishing email [2]. 76% of cybersecurity experts uncovered that there were phishing attacks of some sort in their organizations in 2017. [3]. A phishing attack is being huge, and it is very important for any organizations to apply anti-phishing techniques to protect their sensitive data.

Types of Phishing

Attackers are using different kinds of phishing methods so that they can steal the credentials from the victim. Below are the most common types of phishing:
Deceptive phishing
This is one of the most common phishing types. In this kind of attack, the fraudster will create a website that looks like the website of the legitimate company and sends email to a lot of users with a call of action which will open the login page of the fake website. The attacker will steal the information if the victim inputs their personal information on that form. The attacker will send an email that resembles a legitimate email from the company personnel to get the trust of the victim. So, that victim easily falls for the scam.
In the above figure, we can see that display name is "Microsoft Team" but the email doesn't belong to Microsoft and this is one random email address. Here the email is sent with a link which refers to the phishing site. This is one example of a deceptive phishing email.
Spear Phishing
In spear, phishing attacker tries to trick the victim by being someone they know. For this attacker use the name, email, company or the phone number that the victim already knows and have connection with them. Purpose of doing so is to create more trust level for the attack. The victim will think that they have received an email from the people they know, and they might click on the link that is sent on the email or other media that is used for the attack. 
Smishing
Smishing is a security attack that is done by sending a phishing message on the mobile device of the user with SMS. Since the use of the mobile device is increasing rapidly hackers are moving to mobile devices to trap the people. There are more than 2 billion smartphone phone users [4]. It is easier to spoof a text message hacker using SMS technology to send malicious links.
Search Engine Phishing
If the victim is building any websites and getting it indexed on the search engine for stealing personal credential from the people, it is called search engine phishing. Generally, the victim creates a fake website or the website with fake promises and then they submit their websites on popular search engines like Google, Yahoo, Bing. They do blackhat or greyhat SEO so that their page can be listed on the first page of the search engine. Whenever victim search for the keyword that attacker has targeted and if the page in the top then there is a good chance that victim will fall for the scam. Search engine phishing has become very popular in 2018 because many people use the search engine to find the things that they need, and they even trust the top results they appear on a search engine. 
Attackers these days are also using the paid listing on a search engine. They will create an ad for their websites on the search engine and wait for the victim to fall for the scam [5]. It is more effective than traditional search engine phishing because when they paid for the advertisement the results are at the top and the legitimate website is listed below that. 
Malware-Based Phishing
For malware-based phishing, the attacker will install the malware on the computer of the victim. They might attack the victim in a bulk or they might do a single attack. Once the malware is installed on the system of the victim the malware will start collecting the information from the machine and will submit it to the attacker. Some of the malware-based phishing are keyloggers, session hijackers and web Trojan.  Sometime, an attacker might use the web browser extension to collect the activity of users and data. 
Man in the middle
In this attack, the attackers place themselves in the middle of victim and the website they are trying to access. These days most of the websites and services uses 2 step verification so that if their account information is compromised then no one can access the account because they will need to provide one more credential. Due to rise of two factor authentications on most of the services attackers are using man in the middle attack so that they can steal the credential in the real time providing the 2-step verification code that victim had input.

References:

Comments

Popular posts from this blog

How is Mobile Technology & IoT Devices Affecting IT Security

Technology has changed the way we do business and it has become an essential part of modern commerce. Technology has become the need of every business. Not only they are using technology for marketing their product and providing the better support they are also expanding their presence to the digital world with e-commerce. For communication, business is using latest technologies like VoIP which provide more functionality to the organization and is more easier and faster than traditional communication system. Since every employee needs a computer for their job in the organization, some companies are also promoting Bring Your Own Device (BYOD) on their organization, as it can reduce the cost of buying a new device and increase efficiency since employee are working on their own machine. Although these new technologies have made the job easier and faster they possess several threats to the business. We can see smart IoT devices being installed on the organization to monitor the envi

What is Ransomware & How to Prevent it?

Hackers are looking for a new and easier way to make money by entering on other people's system and ransomware is one of the tools they use to make money by locking the computer of people and organization. In my previous article, I discussed cryptojacking malware and why it is a big threat to information security. On that article, you can read how and why bad guys are injecting code on people's computer to make money from that. Ransomware is another major threat to cyberspace that I would like to discuss this article. What is ransomware? Ransomware is a software that is designed to block access to any system, files or operating system until we pay a certain amount to the attacker. Most of the time the attacker will encrypt the files of the computer and they will provide the key to decrypt only after paying the amount they are demanding. Most of the ransomware attack will give very limited time to the victim to pay the demanded amount and if they fail to decrypt it within th

How to Identify Cryptojacking Malware?

There are several ways to identify the hidden crypto mining malware on our computer. We can either detect and identify that malware manually or by using the third-party antivirus or antimalware tools. These are the few ways to identify the cryptojacking malware on our computer. Monitoring CPU usage If we see unusual CPU usage behavior then our computer might be infected with cryptojacking malware. Usually, there won’t be much CPU usage when the computer is idle. We only see a spike in CPU usage when we are using heavy programs, so if we see high CPU usage on our computer when we are not using any programs on the computer then this might be the result of cryptojacking malware. We can manually monitor the CPU usage of our computer when we open any web browser or open any website. If the CPU usage is increasing when we open any website then there might be cryptojacking code on the website, we can then block those websites from being loaded on our computer. If we see high CPU u