What is phishing?
Phishing is a social engineering attack to trick you into revealing your personal and confidential information. It is also a common type of cyber-attack. The term phishing is commonly used to describe this artifice. There is also a good reason for the use of ph instead of f. The earliest hackers were known as phreaks. Phreaking refers to the exploration or experimenting and study of telecommunication. Phreaks and hackers have always been closely related. The ph spelling was used to link phishing frauds with these underground communities.
History of phishing
A phishing technique was first ever described in detail in a paper presentation delivered to 1987 international HP user group. the first ever known phishing direct attack was attempted against a payment system affected E-gold in June 2001 which was followed up by a “post-9/11 id check” shortly after the attack on the World Trade Center on September 11 which made a huge noise. And followed by several attacks.
The term phishing can be traced in the early 1990s via American online or AOL. where a group of hackers banded together called themselves as “The Warez Community” are considered as the first hackers. In early fraudulence, they developed an algorithm which allowed them to generate fake credit card numbers. which they would later use to attempt to make phony AOL accounts.
Types of Phishing
- Deceptive Phishing
- Spear Phishing
Deceptive phishing is one of the most used phishing methods. In this method, the attackers attempt to gather all the confidential information from the victims. These attackers use the gathered information to steal or to launch other attacks. A fake email is been generated from a bank asking you to click a link and verify your account details.
Spear Phishing basically targets individuals instead of a large group. Attackers usually a victim on social media and other websites so that they can customize their communication and appear more realistic Spear phishing is one of the most commonly used or the first step used to penetrate a company’s defences and carry out an attack research their
Whaling is a method used to attack directly senior or important individuals at an organization or a company. These attackers often spend a huge amount of time on target by gathering information. once an opportune moment is gained, they launch an attack or steal login credentials. whaling attack is only targeted on high-level executives who are able to access the confidential part of the company’s information. This method is also known as CEO fraud.
Pharming is as similar as a phishing attack. here the victims are directed to bogus sites through fictitious emails and to reveal their sensitive information. But in pharming, the victim does not even have to click on the link in the email. the attacker can easily infect the user’s computer or the web server and redirect it to a fake site even if the correct URL is entered.
Prevention of Phishing
Below are the few important steps to be followed to prevent yourself from phishing attacks
- Keep informed of phishing technique
- Think before you click
- Install an anti-phishing toolbar
- Verify sites security – Check if you are browsing in secure protocol (https) and check the url before entering credentials
- Check online account regularly
- Keep your browser up to date