In this post, you will learn exactly what phishing is and how it works. I have already written a post on 9 types of social engineering attacks, and phishing comes under social engineering attacks, so please read that post as well.
What is phishing?
Phishing is a type of social engineering attack. However, in today's world, this type of cyberattack is considered a traditional cyberattack. This means the phishing attack is very old and there are more than enough security measures to prevent it.
We all know social engineering attacks are directly related to human beings, and phishing is directly related to human beings too. This means that a phishing attack will execute only if the person who uses the computer clicks the malicious mail or allows a notification.
The attack may be very old, but its success rate is still very high. The reason the phishing success rate is so high is untrained employees.
The idea of a phishing attack is to somehow gain a user's credentials in a fraudulent way. The attackers may use different types of phishing, but ultimately their goal is to compromise the target account or device, or even to demand a ransom.
Yes, I accept that some terrible attacks started with phishing, and over the years cybercriminals have also made their phishing attacks look like legitimate messages.
Usually, the attack spreads through mail, and there are several tools to make the mail content look more professional, so sometimes even a security professional will click the link.
Just take a look at the image below to see how the hell the phishing email I got looks so legit. Of course, I didn't click the mail, but if an untrained employee checks this, he/she will surely click the authenticating page.
Types of phishing attacks
There are many types; I have mentioned the most used types of phishing attack.
- Spear phishing
Spear phishing is also a type of phishing and also of vishing attack. In spear phishing, the hacker carries out a targeted attack. This means the hacker knows the target and then attacks.
Vishing is also a type of phishing attack. This phishing attack takes place only over phone calls. The stupid scam calls are also called phishing attacks. Mostly older people are targeted.
Smishing is also a type of phishing attack. When the cybercriminal sends only a text message, it is called a smishing attack. An example of smishing is the image you can see.
How to stop phishing attacks
- Stop clicking unwanted links
- Add an Antivirus extension to your browser.
- Update frequently.