Phishing

Phishing

Your one wrong click on a spam link or
a message can give thieves access to
your personal data.

Phishing

What is phishing?

It is a type of a social engineering attack, often used to steal user data, including login credentials and credit card numbers. It occurs when an attacker, masked as a trusted entity, dupes a victim into opening an email, instant message, or text message. The recipient is then tricked into clicking a malicious link, which can lead to the installation of malware, the freezing of the system as part of a ransomware attack or the revealing of sensitive information.

Types of phishing attack

1. Deceptive phishing
It is the most common type of a cyber fraud. In this case, an attacker attempts to obtain confidential information from the victims. Attackers use the information to steal money or to launch other attacks. A fake email from a bank asking you to click a link and verify your account details is an example of deceptive phishing.

2. Spear phishing
It involves targeting specific individuals instead of a wide group of people. Attackers often research their victims on social media and other sites. That way, they can customize their communications and appear more authentic. It is often the first step used to penetrate a company’s defenses and carry out a targeted attack.

3. Whaling
When attackers go after a “big fish”, it’s called whaling. These attackers often spend considerable time profiling the target to find the opportune moment and means of stealing login credentials.

4. Pharming
In this case, an attacker sends users to a fraudulent website that appears to be legitimate. However, in this case, victims do not even have to click a malicious link to be taken to the bogus site. Attackers can infect either the user’s computer or the website’s DNS server and redirect the user to a fake site even if the correct URL is typed in.

How to avoid being a victim?

  • Use multi factor authentication
  • Monitor suspicious external files
  • Perform real time scan
  • Use encryption for personal data transmission
  • Implement solution for malware and spyware
  • Enable Cyberior cyber fraud protection