What Is Phishing?
Phishing is the act of sending a message/email to a user falsely claiming to be an established legitimate enterprise in an attempt to procure the user’s private information, such as passwords.
A phishing email/message usually directs the user to a website which looks very much like the real/legit website.
They are asked to update/provide their personal information, such as a password, bank account numbers, usernames etc., that the legitimate organization already has.
The website, however, is fake: it captures any information the user enters on the page, and the hacker can then view it.
Phishing has caused millions of users to lose their identity, eventually leading to the loss of their money and of private details such as passwords.
How It’s Done
Phishing is one of the most common types of account infiltration used by hackers as it requires comparatively less effort but still has great potential.
The hackers phish by replicating a legitimate website such as Facebook, PayPal, Twitter etc., and then sending the link of the replicated website to various users of that legit website.
The fake website also contains code added by the hackers that allows them to store the information the user types.
When the user types in the private information, hackers are able to use it in the original/legitimate website; hence they’re able to control the account of the user.
The Major Types Of Phishing Are:
- Email / Spam / Instant messaging: Phishing with email and spam/instant messaging is a very common way of phishing. In this type of phishing, the phishers send an email/message to the user with an urgent note (informing them that their account has been suspended or has to be updated). The email also has a link which redirects the user to the above-mentioned fake website. The fake website then requests the user to fill in personal details. These details will be used by the phishers for their illegal activities.
- Link Manipulation: Link manipulation is the technique in which the phisher sends a fake link to a user/website. The website URL appears identical to the link of the legit website, but the link is manipulated and redirects to a completely different website (the phisher's website), from where viruses or trojans are installed on your computer. One of the easiest techniques used to prevent link manipulation is to move the mouse over the link to view the actual address.
The Dangers Of Phishing
Your private details including credit card details can be disclosed and can result in loss of money.
Your account can be hacked and messages can be sent to various people without your knowledge.
By August 2015, approximately 80 million cases of phishing were reported.
Out of the email traffic, 56.35% was reported to be spam. This means that there is a great chance of users falling into the hands of phishers.
More Statistics Can Be Found Here:
- https://securelist.com/analysis/quarterly-spam-reports/69932/spam-and-phishing-in-the-first-quarter-of-2015/
- https://securelist.com/analysis/quarterly-spam-reports/71759/spam-and-phishing-in-q2-of-2015/
How To Prevent
If you receive an e-mail, be sure to check the sender's email address and make sure that it's a legit one.
Call the company from a trusted phone number (go to the company website to find it) and verify that they sent you the email.
View The Message Carefully: Phishers usually include urgent actions in their messages.
So be wary of urgent actions that need immediate attention.
Check The Web Address: Although you may be on a site that looks exactly the same as the real one, be sure to check the web address, as phishers can't produce the web address of the actual website.
You can also check for security certificates: most legit websites have security certificates such as SSL, which are sure to be missing on the phisher's website.