Have you ever heard or received malicious email that imitates real person such as bank manager, government officer. Once the email is opened, it contains scary message and asks to take action. A link will be in the email which once clicked, looks like legitimate website and it will prompt to enter username and password credentials. Once entered, the information is sent to the hackers which will be misused for monetary gains.
What is phishing? Phishing is the process of fraudulently getting sensitive and confidential information, such as usernames, passwords, and credit card. This information is often used by phishers by disguising as a reliable source and information are often used for malicious reasons, such as financial frauds.
Types of Phishing
Spear Phishing: Email phishing is one of the main phishing techniques used by phishers. In this type of phishing, an email message is sent to users with an attachment or link from an email address similar or identical to the genuine email address. The attachment will usually be a malicious one that may compromise the confidential and financial user information.
Website Phishing: Have you ever come across a clone of a reputed website? If yes, what was your experience? Website cloning is one of the major threats in the cyber world. This is a phishing method to capture user information through fake websites that appear similar to genuine websites. Website-cloning is widely popular for websites of banks and government institutions. It is performed through fake websites that appear similar to genuine websites.
Pharming: Pharming is also performed by installing malicious software on your digital devices by changing the hosts file so that users are redirected to a fraudulent website. The fraudulent website usually resembles the legitimate site and will request user’s personal information, such as the username and password or PIN. It’s a technique that redirects you to fake websites even when you provide the correct website address.
Vishing: Also known as phone phishing, is similar to phishing and is executed through fake telephone calls. Unlike other types of phishing where an email message is used, vishers use telephone to execute their fraudulent objectives. The vishers usually appear as genuine but will have malicious intent of gaining access to your confidential and financial information.
Smishing: This method uses SMS to motivate and share the confidential and personal information with a malicious intent to compromise your information. Sometimes, the SMS will contain an hyperlink and if you click it, malicious software may get downloaded in your mobile phone.
How does phishing work?
Phishing is usually done through email spoofing or instant messaging. These emails and messages will have hyperlinks that often directs the users to enter sensitive and confidential information on a fake website, which may appear and function the same way as the genuine or legitimate one.
How to Prevent Phishing?
Install anti-phishing software: Ensure that a reputed antivirus software, or Internet Security Suite that has anti-phishing software as an add-on, is installed. The add-on will usually be available as a toolbar.
Beware of attachments and SMS from unknown sources: Do not click hyperlinks or open attachments received through unsolicited email messages or SMS. Verify the authenticity of the email attachments before downloading and opening them because a malicious software will compromise the security of your digital device.
Never share confidential information: Do not share confidential information with anyone through any medium, including email messages and telephone calls.
The anti-phishing software is usually a program that has capabilities to detect phishing-related threats in websites and e-mail messages, and thereby protect you against frauds. In most cases, software such as 360 internet protection, Adguard AdBlocker etc is integrated with the web browser in the form of a toolbar that correctly displays the name of the website you are visiting. This toolbar enables you to identify the fraudulent websites that disguise as genuine websites. Usually, the anti-phishing software is bundled with an antivirus software or Internet security suite.