BY Gouri Rajendra Uplenchwar | November 02, 2022
Phishing is a type of social engineering in which an attacker sends a false message intended to deceive a person into revealing sensitive information to the attacker or into installing malicious software such as ransomware. Depending on the attacker, phishing can target a wide variety of people.
Phishing can also be a targeted attack directed at a particular person. Often, the attacker will write you a personalised email that contains facts only an acquaintance would know. This data is typically obtained by the attacker after gaining access to your personal information. Even the most cautious recipients may have a very tough time avoiding becoming a victim of an email of this kind. According to PhishMe Research, almost 97% of all phishing emails contain ransomware.
Even as social media and messaging applications become more and more popular, email is still the preferred method of internet communication for millions of Americans. Over 24.3 billion of the 28.6 billion cyber threats that Trend Micro blocked globally in the first half of 2019 were sent via email. That's 91%. Phishing is a tried-and-true tactic that hackers have been using for years, and it enabled many of these threats.
A significant turning point in the history of phishing came in the mid-1990s, when hacking software made it possible to target large numbers of America Online (AOL) users with password-stealing frauds. The first such software product was AOHell, where the term "phishing" was first used; in January 1995 the programme gained an automated system for stealing passwords and credit card details.
Early in the year 2000, potential victims received emails with the subject "ILOVEYOU" and an attachment presented as a letter. The attachment contained a virus that would overwrite files on the victim's computer and spread to the user's contact list. Around the same time, several phishers began to register phishing websites. A phishing website is a domain that impersonates a legitimate website by name and appearance. Phishing tactics have expanded in variety throughout the years and may now be more harmful than ever. With the incorporation of social media and login options like "login with Facebook," an attacker may be able to steal many pieces of personal information about a person with a single phished password, leaving them open to ransomware attacks.
Attackers use various techniques to lure their victims:
• Link manipulation/URL hiding
• Link shortening
• Homograph spoofing
• Open redirect vulnerability
Types of phishing attacks range from simple email phishing to more inventive approaches.
1) Spear Phishing
Spear phishing targets a specific group or person, such as the system administrator of a business. The recipient's line of work, the download link the victim is asked to click, and the demand for an urgent reaction are all tailored to the target.
2) Whaling
Whaling is a specialised form of phishing that often targets a CEO, CFO, or any other C-level executive (CxO) inside a company or an industry. A whaling email typically claims that the company may be subject to legal repercussions and urges the target to click a link to learn more. The link directs you to a screen where you must enter important firm information, like the tax ID and bank account details.
3) Smishing
Smishing is a type of attack that uses text messaging or short message service (SMS) and includes a clickable link or a call-back phone number. Smishing attacks frequently take the form of SMS messages that appear to be from your financial institution. Your bank account number and SSN are requested for verification, and once these are obtained, the attacker gains access to your bank account.
4) Vishing
A typical vishing attack is a phone call from a person posing as a Microsoft representative. This person informs you that they have found a virus on your computer. The attacker then requests credit card details in order to upgrade your computer's antivirus programme.
5) Email phishing
The most prevalent form of phishing is email phishing, which has been around since the 1990s. Hackers send these emails to any email address they can find. Typically, the email alerts you that your account has been compromised and requests that you respond promptly by clicking on a link. In another variant, the email appears to have been sent from your own address, and the hacker alleges that they have control over both your computer and your email account.
How to recognise a phishing email?
There are a number of indicators that a message is a phishing attempt. These include:
• The message uses subdomains, misspelled URLs or otherwise suspicious URLs, or it is poorly written with spelling and grammatical errors.
• The sender uses a Gmail or other public email address rather than a corporate email address.
• Message is written to invoke fear or a sense of urgency.
• Message includes a request to verify personal information, such as financial details or a password.
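The lure techniques listed earlier (link manipulation and URL hiding, link shortening, homograph spoofing, open redirects) and the indicators above can be turned into a simple triage check over a message. This is an added example, not code from the original article: the word lists, hostnames and the sample message are constructed assumptions, and the checks are heuristics, not a substitute for a mail gateway.

```python
# Heuristic phishing-indicator checks. Added example, not code from the original
# article; the word lists and the sample message below are made-up assumptions.
import re
from urllib.parse import urlparse, parse_qs

PUBLIC_MAIL_DOMAINS = {"gmail.com", "yahoo.com", "outlook.com", "hotmail.com"}
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co"}
URGENCY_WORDS = ("immediately", "urgent", "suspended", "within 24 hours")
REDIRECT_PARAMS = {"url", "redirect", "next", "return", "goto", "dest"}
ANCHOR_RE = re.compile(r'<a\s+[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)
DOMAIN_RE = re.compile(r"(?:https?://)?([\w.-]+\.[a-z]{2,})", re.I)

def is_homograph(host):
    """Punycode (xn--) labels or non-ASCII characters mark a look-alike host."""
    return "xn--" in host or not host.isascii()

def has_open_redirect(url):
    """Flag a redirect-style query parameter whose value is itself a URL."""
    params = parse_qs(urlparse(url).query)
    return any(k.lower() in REDIRECT_PARAMS and any(v.startswith("http") for v in vs)
               for k, vs in params.items())

def phishing_indicators(sender, subject, body_html):
    """Return the sorted list of indicator names the message triggers."""
    hits = set()
    if sender.rsplit("@", 1)[-1].lower() in PUBLIC_MAIL_DOMAINS:
        hits.add("public-sender-domain")
    text = (subject + " " + re.sub(r"<[^>]+>", " ", body_html)).lower()
    if any(w in text for w in URGENCY_WORDS):
        hits.add("urgency-language")
    if re.search(r"\b(password|account number|ssn|tax id)\b", text):
        hits.add("requests-credentials")
    for href, anchor in ANCHOR_RE.findall(body_html):
        host = (urlparse(href).hostname or "").lower()
        shown = DOMAIN_RE.match(re.sub(r"<[^>]+>", "", anchor).strip())
        if shown and shown.group(1).lower() != host:
            hits.add("link-text-host-mismatch")  # link manipulation / URL hiding
        if host in SHORTENERS:
            hits.add("shortened-link")
        if is_homograph(host):
            hits.add("homograph-hostname")
        if has_open_redirect(href):
            hits.add("open-redirect-link")
    return sorted(hits)

# Constructed sample lure: public sender, urgency, credential request, and links via
# a shortener, a punycode look-alike host and a redirect parameter (all made up).
SAMPLE = dict(
    sender="security-alert@gmail.com", subject="Your account will be suspended",
    body_html='<a href="https://bit.ly/x1">www.examplebank.test</a> to verify your '
             'password, or <a href="https://xn--exmplebank-1za.test/?next=http://evil.test">'
             'examplebank.test</a>.')
```

Running `phishing_indicators(**SAMPLE)` returns all seven indicator names, while an internal message whose link text matches its real host triggers none.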
6) Pharming
Pharming is a sort of phishing attack that redirects users from a trustworthy website to a fraudulent one by poisoning the DNS cache. This is done in an effort to deceive people into entering their personal login information on the bogus website.
7) Search Engine Phishing
Hackers who want their site to appear first in search engine results use a technique called search engine phishing, sometimes referred to as SEO poisoning or SEO Trojans. Clicking the link displayed by the search engine takes you to the hacker's website. When you engage with the website and/or enter sensitive data, threat actors can use that information to steal from you. Hacker websites can pretend to be any kind of website, but banks, money transfer services, social media platforms, and shopping websites are popular targets.
Hackers behind phishing attacks are essentially aiming for a handful of outcomes. These are:
Data theft / Identity Theft
Either they want to use the data themselves to commit identity fraud or they want to sell it to con artists on the dark web. The simplest method of obtaining this is to persuade the user to click through to a different phishing website where they are asked to enter their information. The page itself is falsified to appear to be hosted by an authentic company, much like the email was.
Malware installation
Clicking through on a phishing email can unknowingly install malware on your computer. One possibility is a banking Trojan designed to steal your banking logins.
Extortion
A popular extortion scheme involves making the victim think their webcam was used to record them in an unflattering situation. The attacker threatens to release the video footage to all of the victim's contacts if they don't pay a ransom.
To prevent phishing messages from reaching end users, experts recommend security controls, including:
• Antivirus and antispyware software
• Desktop and network firewalls
• Anti-phishing toolbar
• Gateway email and spam filters, and phishing filters from vendors such as Microsoft
• Web security gateway
• Be aware of any unsolicited email, even if it appears to come from a reputable vendor
• Don't click links in unsolicited emails or download their attachments
• If an email asks for personal data, check directly with the source independently, rather than clicking/replying
Several actions can be taken by businesses to lessen phishing and spear phishing attacks:
• Two-factor authentication (2FA), which adds an additional layer of verification when signing in to critical applications, is the most successful strategy for thwarting phishing attacks. With 2FA, a user name and password alone are not enough to sign in; a second verification step is required.
• Organizations should implement strong password management procedures in addition to 2FA. Employees should, for instance, be obliged to change their passwords periodically and should not be permitted to use the same password for several applications.
• By encouraging security behaviours like avoiding clicking on external email links, educational efforts help reduce the threat of phishing attempts.
Phishing scams come in all shapes and sizes. Users can stay safe by remaining alert and prepared. Examples of phishing attacks include:
Digital Payment-based Scams
It is common practice to trick phishing victims into providing sensitive information by imitating popular payment applications and websites. Phishers pose as online payment providers (such as PayPal, Venmo or TransferWise). Generally, these attacks are performed through email, where a fake version of a trusted payment service asks the user to verify log-in details and other identifying information. Often, these phishing attempts include a link to a bogus "spoof" page.
Phishing relies on the notion that victims will become terrified and provide personal information to the con artist. Typically, con artists pretend to be banks or other financial institutions. In an email or phone conversation, the fraudster informs their potential victim that their security has been hacked. Scammers frequently employ the threat of identity theft to accomplish just that.
Work-related phishing scams
These are particularly concerning because this kind of scam can be highly individualised and challenging to recognise. In these situations, an attacker contacts the victim and asks for a wire transfer or a fictitious purchase while posing as the recipient's employer, CEO, or CFO.