You or anyone you know? Have ever been a victim of a phishing attack?
This phishing attack is not related to a “fishing attack”.
Let’s understand first, What is Phishing?
The phishing attack is a type of social engineering attack that aims at stealing the user’s data. A phishing attack is mostly performed via emails or SMS.
Phishing attacks can be so serious that the attacker can steal your data including login credentials. credit card details, or any other.
Now let’s see how a phishing attack is performed.
Attackers find several ways to perform phishing.
Here are some ways by which they target people.
Email Phishing Attack
The most common method is email phishing where an email is used to lure the individual. The attacker registers a fake domain also while creating fake messages which will be sending it via email. The emails sent by the hackers often look like the original domain due to which anyone can come into their trap. There are many ways to spot a fake email, we will be giving some tips at the end of the blog. Keep reading.
Social Media Phishing Attack
Yet another way to lure individuals is Social Media Phishing. This is a way where an attacker uses social media sites like Facebook, Linkedin, Instagram to obtain the victim’s personal information. Any social media sites sent these malicious links.
Search Engine Phishing
This involved attackers creating their websites and indexing them with other legitimate websites. Meanwhile, these websites often include shopping sites having cheap products and incredible deals to lure individuals online. These fake shopping websites are mostly advertised on Social media sites luring victims to click on the links. While clicking on the link the victim has to fill up the information / create an account and also enter their banking details to complete a purchase. Hence the attacker can steal the personal information from the victims.
Smishing involves sending malicious links via SMS, which is also one of the most commonly used methods of phishing. They work much in a similar way to email phishing. Here the attackers send some messages appearing to be coming from a legitimate source that can contain malicious links.
Vishing is also somewhat similar to smishing. But here a phone call is used to lure the individual. Here a phone call is made where an attacker might call you in respect to whether your insurance has expired, your card will be blocked, won a large amount or your bank account is undergoing some suspicious activity that needs to be remediated quickly. While doing this talk an attacker will eventually ask the victim to provide personal details such as credentials, credit card details, OTP, etc.
These were some ways, where an attacker can lure the individual. now let’s see the preventions to be taken to be safe from these attackers.
- Do not click on anonymous links
- Be aware of traps from any fake websites, that ask for your personal information.
- Do not download any suspicious or unknown attachments.
- If you are somewhat aiming in contact with what appears to be a very good deal at such a cheap rate, it can be fake.
- Do not entertain anyone on calls asking about personal information.
- If you receive a message which makes you panic and take action immediately, do not trust unless you are sure it is sent by your colleague or any person you know.
- Poor grammar, misspelled words, be a sign of a phishing attempt.