In a world where cyber crimes are on the rise and valuable data is sometimes unprotected, phishing is a commonplace act. This article will inform you about what phishing is and describe its types while mentioning how one can protect themselves against it.
A practice that generally takes place through emails, phishing refers to attacks/communications which seem to appear from trusted sources. The attacks are directed to steal valuable data(i.e. bank information/confidential company information) or infect a machine with malware.
Types of phishing scams and how to protect yourself
Deceptive phishing
This form of phishing acts upon the human nature of wanting to fix what is wrong. It uses emails which appear to have been sent from large scale companies or banks, asking you to fix a certain discrepancy. The provided links usually lead to rigged websites which appear legitimate but act as gateways for login information to be stolen.
One can protect themselves by –
- Paying attention to the sender of the email.
- Looking for grammatical errors in the email.
- Paying attention to the graphic design of the email.
The factors mentioned above are not given attention to by scammers and can be used for identification of fraud.
In the News: ‘Winter is here’ but beware of these Game of Thrones phishing websites
Spear phishing
Picking on one person from behind a screen is much easier than one may think due to all the information one makes public nowadays due to social media.
The emails used in this method are catered to an individual in an attempt to show the receiver of a possible bond existing between them and the sender. The supposed bond tends to incite the user to check the provided link out which in the end leads to malware being downloaded or information being phished by a fraudulent site.
Whaling
The term for this kind of phishing comes from the basis of its target. Whaling is performed upon large companies or their top executives because attacking a large employee workforce may eventually lead to success. In some cases, executives are usually unprotected or unaware of such scams.
This can be prevented by –
- Keeping corporate devices up to date with anti-virus software
- Making all employees(including executives) attend security awareness events so that they are well informed about the current trends and are better able to protect themselves.
Pharming
The term comes from a combination of the words farming and phishing. This form is a literal combination of its root words. Users visiting top websites are usually redirected to similar looking websites which are set up to steal login information.
One may wonder as to how this is possible, pharming is made possible due to DNS cache poisoning or by changing the host’s file on a user’s computer.
This can be prevented by using trusted ISPs, HTTPS-secured sites and installing anti-virus software on all devices.
Related read: Millennials, Gen Z most likely to lose money to tech support phishing scams: Detailed report