Phishing is a type of online fraud based on the principles of social engineering. Its main purpose is to obtain critical data (for example, passport details), accounts, bank details and private corporate information, so that they can later be used to steal money. Phishing works by redirecting users to fake network resources that are a complete imitation of the real ones.
1. Classic phishing: email spoofing
This category includes the majority of all phishing attacks. Attackers send emails on behalf of an existing company in order to gain control of users' credentials and their personal or work accounts. A phishing email may arrive on behalf of a payment system or bank, a delivery service, an online store, a social network, the tax authority, and so on.
Phishing emails are created with great care. They are practically indistinguishable from the mailings the user regularly receives from that company. The only thing that should raise suspicion is a request to click a link in order to perform some action. That link, however, leads to the fraudsters' site: a "twin" of the bank's website, the social network or another legitimate resource.
The motive for clicking the link in such a letter can be either a "carrot" ("you can get a 70% discount on services if you register within a day") or a "stick" ("Your account is blocked due to suspicious activity. To confirm that you are the account owner, click the link").
Here is a list of the most popular tricks used by scammers:
- Your account has been or will be blocked/disabled. Intimidation tactics can be very effective: the threat that the account has been, or soon will be, blocked unless the user logs in immediately makes the user lose vigilance, click the link in the letter and enter their username and password.
- In this email the user is asked to log in to the account immediately and update their security settings. The same principle applies as in the previous item: the user panics and forgets about vigilance.
- Most often such letters are sent on behalf of financial institutions. Users tend to take such emails at face value, since financial institutions do not send confidential information via email.
- Such letters become fashionable as soon as the time to pay taxes approaches. Their subjects vary widely: notification of a debt, a request to send a missing document, notification of eligibility for a tax refund, and so on.
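The tell the article describes (a link whose visible text names the bank while its real target is a "twin" site) is something a mail gateway or an analyst script can check mechanically. The following is an added example, not code from the original article: it parses a constructed HTML lure with the Python standard library, extracts every anchor, and flags links whose displayed URL and real host disagree, links whose host merely embeds a trusted brand name, and credential pages served over plain http. The domains, the allowlist and the message are placeholders.

```python
"""Flag suspicious links in an HTML email the way a mail gateway or an
analyst triage script might.  Added example; the message, domains and
allowlist below are constructed placeholders."""
import email
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample: a "your account will be blocked" lure whose visible
# link text names the bank but whose href points at an unrelated host.
SAMPLE_EMAIL = """\
From: "Example Bank" <security@example-bank.test>
To: victim@example.test
Subject: Your account will be blocked
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Suspicious activity was detected. Confirm you are the owner:</p>
<a href="http://example-bank.test.login-verify.example/confirm">https://www.example-bank.test/login</a>
<p>Regards, <a href="https://www.example-bank.test/">Example Bank</a></p>
</body></html>
"""

# Domains the organisation treats as legitimate (assumed allowlist).
TRUSTED_DOMAINS = {"example-bank.test"}


class LinkExtractor(HTMLParser):
    """Collect (href, visible text) pairs from <a> elements."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def registrable_domain(host):
    """Crude last-two-labels approximation of the registrable domain.
    Sufficient for the demo; production code should use the Public Suffix List."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


def analyse_links(raw_message, trusted=TRUSTED_DOMAINS):
    """Return a list of (href, reason) findings for links that look like lures."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    body = msg.get_body(preferencelist=("html",))
    if body is None:
        return []
    parser = LinkExtractor()
    parser.feed(body.get_content())
    findings = []
    for href, text in parser.links:
        parsed = urlparse(href)
        host = parsed.hostname or ""
        reasons = []
        # 1. The visible text is itself a URL but points at a different domain.
        if text.startswith(("http://", "https://")):
            shown_host = urlparse(text).hostname or ""
            if registrable_domain(shown_host) != registrable_domain(host):
                reasons.append(f"link text shows {shown_host} but href goes to {host}")
        # 2. A trusted brand name is embedded in a host that is not the brand's own.
        if registrable_domain(host) not in trusted and any(t in host for t in trusted):
            reasons.append(f"trusted name embedded in untrusted host {host}")
        # 3. A page that asks for credentials is served over plain http.
        if parsed.scheme == "http":
            reasons.append("credential page served over plain http")
        if reasons:
            findings.append((href, "; ".join(reasons)))
    return findings


if __name__ == "__main__":
    for href, reason in analyse_links(SAMPLE_EMAIL):
        print(f"SUSPICIOUS {href}\n    {reason}")
```

The second anchor in the sample (the brand's own https site, with plain-text link text) produces no finding, which is the point: the check fires on the mismatch between what the user sees and where the browser will actually go, not on the presence of a link as such.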
Phishing is not always an indiscriminate attack; attacks are often personalized and targeted. The goal is the same: to force the user to visit a phishing site and leave their credentials there.
Naturally, the future victim will place more trust in a letter that addresses them by name and mentions their place of work, the position they hold in the company, or other personal details. And people often supply the information for targeted phishing attacks themselves. Resources such as the well-known LinkedIn are an especially rich "harvest" for criminals: when writing a resume aimed at potential employers, everyone tries to include as much information about themselves as possible.
To prevent such situations, organizations should constantly remind employees that placing personal and work-related information in the public domain is undesirable.
3. Phishing against top management
Management credentials are of particular interest to fraudsters.
As a rule, the security specialists of any company implement a clear system of access rights and levels of responsibility that depends on the employee's position. Thus, a sales manager has access to the product database, while the company's list of employees is off-limits to him. An HR specialist, in turn, knows exactly which vacancies are filled and by whom, which have just opened up and who deserves a promotion, but has no idea of the numbers or balances of the company's bank accounts. The head of the company, however, usually concentrates in his hands access to all the critical nodes of the enterprise or organization.
Having gained access to the account of the head of the company, the phishers go further and use it to communicate with other departments of the enterprise, for example, to approve fraudulent bank transfers to financial institutions of their choice.
Despite their high level of access, senior managers do not always take part in the staff training programs on the basics of information security. That is why a phishing attack directed against them can lead to particularly severe consequences for the company.
4. Phishing emails from Google and Dropbox
Relatively recently, phishing has taken a new direction: hunting for the logins and passwords used to sign in to cloud storage.
In the cloud services Dropbox and Google Drive, users, both personal and corporate, store a great deal of confidential information: presentations, spreadsheets and work documents, backups of data from local computers, personal photos and passwords to other services.
Unsurprisingly, gaining access to accounts on these resources is an enticing prospect for attackers. To achieve this goal they use a standard approach: a phishing website is created that completely imitates the login page of a particular service, and in most cases a phishing link in the email redirects potential victims to it.
5. Phishing emails with attached files
A link to a suspicious site designed to steal user data is not the worst thing phishing is capable of. After all, in that case the criminals gain access only to a certain part of the confidential information (a login and password, i.e. an account in a certain service). Far worse is when a phishing attack leads to the compromise of the victim's entire computer by malicious software: a file-encrypting virus (ransomware), spyware or a Trojan.
Such malware may be contained in email attachments. Assuming that the email came from a trusted source, users willingly download such files and infect their computers, tablets and laptops.
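Because the attachment, not the link, is the payload in this variant, the defensive check moves from URLs to file types. The following is an added example, not code from the original article: it builds a constructed multipart message with three attachments (a macro-enabled spreadsheet, an executable hiding behind a double extension, and an ordinary PDF) and triages each one by extension, double extension and the "MZ" executable header, regardless of what the filename claims. The block/review lists are an assumed policy that a real gateway would tune.

```python
"""Triage email attachments for file types that commonly carry malware.
Added example, not from the article; the message is constructed and the
block/review policy is an assumption a real mail gateway would tune."""
import email
from email import policy
from email.message import EmailMessage

# Types that should never arrive unsolicited, and types that may be
# legitimate but deserve a closer look (assumed policy).
BLOCK_EXTENSIONS = {".exe", ".scr", ".js", ".vbs", ".bat", ".cmd",
                    ".hta", ".jar", ".lnk", ".iso"}
REVIEW_EXTENSIONS = {".docm", ".xlsm", ".pptm", ".zip", ".rar", ".7z",
                     ".html", ".htm"}
# Document-like extensions attackers put in front of a real executable
# extension, as in "invoice.pdf.exe".
DISGUISE_EXTENSIONS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg"}

# Windows executables (PE files) start with these two bytes.
PE_MAGIC = b"MZ"


def build_sample_message():
    """Construct a multipart message with three attachments (placeholder bytes)."""
    msg = EmailMessage()
    msg["From"] = "accounts@example-supplier.test"
    msg["To"] = "finance@example.test"
    msg["Subject"] = "Invoice 2024-001"
    msg.set_content("Please find the invoice attached.")
    # 1. A macro-enabled spreadsheet.
    msg.add_attachment(b"PK\x03\x04placeholder", maintype="application",
                       subtype="vnd.ms-excel.sheet.macroEnabled.12",
                       filename="invoice.xlsm")
    # 2. An executable disguised as a PDF by a double extension.
    msg.add_attachment(PE_MAGIC + b"\x90\x00placeholder", maintype="application",
                       subtype="octet-stream", filename="invoice.pdf.exe")
    # 3. An ordinary PDF.
    msg.add_attachment(b"%PDF-1.7 placeholder", maintype="application",
                       subtype="pdf", filename="terms.pdf")
    return msg.as_string()


def classify_attachment(filename, payload):
    """Return 'block', 'review' or 'allow' for one attachment."""
    parts = filename.lower().split(".")
    ext = "." + parts[-1] if len(parts) > 1 else ""
    if ext in BLOCK_EXTENSIONS:
        return "block"
    if payload.startswith(PE_MAGIC):
        return "block"  # executable content, whatever the name says
    if len(parts) > 2 and "." + parts[-2] in DISGUISE_EXTENSIONS:
        return "block"  # double extension such as invoice.pdf.exe
    if ext in REVIEW_EXTENSIONS:
        return "review"
    return "allow"


def triage(raw_message):
    """Map each attachment filename in the message to its verdict."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    verdicts = {}
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        verdicts[name] = classify_attachment(name, part.get_payload(decode=True) or b"")
    return verdicts


if __name__ == "__main__":
    for name, verdict in triage(build_sample_message()).items():
        print(f"{verdict:6}  {name}")
```

The content check matters more than the extension check: renaming an executable to `report.pdf` defeats a filename rule but not the header test, which is why the function inspects the first bytes before trusting the name.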
6. What is pharming?
Classic phishing with links to questionable resources is gradually becoming less effective. Experienced users of web services are usually already aware of the danger a link to a suspicious site can carry, and they exercise caution when they receive a strange letter or notification. Luring the victim into the net is becoming increasingly difficult.
In response to the declining effectiveness of traditional attacks, attackers invented pharming: a hidden redirect to fraudulent sites.
The essence of pharming is that, at the first stage, a Trojan is installed on the victim's computer by one means or another. It is often not recognized by antivirus software, does not reveal itself and waits in the wings. The malware is activated only when the user independently, without any external prompting, decides to visit a page the criminals are interested in. Most often these are online banking services, payment systems and other resources that carry out money transactions. This is where the substitution takes place: instead of the trusted, frequently visited site, the owner of the infected computer lands on a phishing site, where, witho
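One common way a local Trojan performs the silent substitution the section describes is by pinning the bank's hostname in the machine's hosts file, so that the browser never asks DNS at all. The following is an added example, not code from the original article: it parses a constructed hosts file and reports any entry that pins a watched banking or payment domain (or a subdomain of one) to an address, plus any other name pinned to a non-local address, both of which are worth a look in an incident. The watched domains, the addresses (RFC 5737 documentation range) and the hosts-file content are placeholders; this assumes the hosts-file mechanism, which is one of several pharming techniques.

```python
"""Check hosts-file content for entries that hijack well-known sites, one
common mechanism pharming malware uses to redirect a victim.  Added example,
not from the article; the hosts content, domains and addresses below are
constructed placeholders."""
import ipaddress

# Constructed hosts file: the two bank/payment entries and the CDN entry are
# the kind of thing malware adds; the rest are ordinary.
SAMPLE_HOSTS = """\
# Standard entries
127.0.0.1       localhost
::1             localhost ip6-localhost
192.168.1.20    nas.home.lan
# Added by malware: trusted brands pinned to an attacker-controlled address
203.0.113.45    online.example-bank.test www.example-bank.test
203.0.113.45    pay.example-payments.test
203.0.113.45    update.example-cdn.test
"""

# Domains the user actually banks with. These names should only ever be
# resolved through DNS, so a hosts entry for any of them is suspicious.
WATCHED_DOMAINS = {"example-bank.test", "example-payments.test"}

# Address ranges that legitimately appear in a hosts file on a workstation.
LOCAL_NETWORKS = [ipaddress.ip_network(n) for n in
                  ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "fc00::/7")]


def parse_hosts(text):
    """Yield (ip, hostname) pairs, ignoring comments and blank lines."""
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        ip, *names = line.split()
        for name in names:
            yield ip, name.lower()


def is_local(ip):
    """True for loopback, link-local and private (RFC 1918 / ULA) addresses."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False
    return addr.is_loopback or addr.is_link_local or any(addr in n for n in LOCAL_NETWORKS)


def find_pharming_entries(hosts_text, watched=WATCHED_DOMAINS):
    """Return (hijacked, other): entries pinning a watched domain or one of its
    subdomains to any address, and entries pinning other names to a non-local
    address."""
    hijacked, other = [], []
    for ip, name in parse_hosts(hosts_text):
        if any(name == d or name.endswith("." + d) for d in watched):
            hijacked.append((ip, name))
        elif not is_local(ip):
            other.append((ip, name))
    return hijacked, other


if __name__ == "__main__":
    hijacked, other = find_pharming_entries(SAMPLE_HOSTS)
    for ip, name in hijacked:
        print(f"HIJACKED  {name} -> {ip}")
    for ip, name in other:
        print(f"NON-LOCAL {name} -> {ip}")
```

On a real machine the text would come from `/etc/hosts` or `%SystemRoot%\System32\drivers\etc\hosts`; comparing the pinned address with what the organisation's resolver returns for the same name turns the same function into a quick pharming check during triage.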