A phishing attack according to Wikipedia is an example of social engineering techniques used to deceive users. These are mostly fraudulent attempts to obtain personal information such as passwords, banking details, home addresses, and usernames by disguising as a credible item in electronic communication.
Phishing is usually meant to either make the victim hand over sensitive information by getting credentials or downloading malware to infect the system. There are different types of phishing attacks, and it is necessary to know about these attacks to ensure your information is safe.
This type of phishing completely relies on personalization; instead of targeting a whole group of people, the attackers focus on one to get into the system. The victim is usually researched on mostly through social media – this way the information sent by the fraudster is custom made to actually convince the victim they have a connection. The fraudster then uses this vulnerability to get the victim to click on a malicious URL or email attachment leading to access to data.
Fraudsters have found ways to create fake websites that may look exactly like the original of a company or organization. The impersonated website will then use threats and a sense of urgency to make the victim provide information that may lead to giving of login credentials or personal information. An example would be an email asking an account holder to verify discrepancies in his or her account but then the link redirects to a malicious URL. VPN connections that come with malicious website detectors can help curb this type of phishing. For this purpose you can use a free VPN, for example Hotspot Shield. Also Tunnelbear and ProtonVPN are the choices which most commonly appear in ‘best of’ lists on review sites.
Imagine what would happen to a company’s information if the top executives’ login credentials are accessed by a hacker. This type of phishing is specifically designed to target the most important people in an organization typically known as ‘the big fish”. A top executive such as a CEO will most likely be able to access a lot of information regarding the company, hence profiling them and getting their credentials will easily lead to access to a lot of sensitive information.
Traditional methods of phishing are starting to fail hence leading to fraudsters changing their tactics and now using Pharming. This mode of attack stems from the domain name system cache poisoning. What normally happens is that the internet uses DNS servers to convert alphabetic website names to numerical IP addresses used to locate services and devices. In the event of a DNS cache poisoning, the attacker targets a DNS server and changes the IP address associated with an alphabetic website name. This enables the attacker to redirect users with the correct website name to malicious websites. The most dangerous thing about this type of phishing is that the user does not have to click on any malicious ink or download any malware.
Business Email Compromise (BEC)
Getting an email from your CEO regarding financial transactions may lead an employee to act on it, but this may just be the work of a fraudster. The idea is to target employees in the finance or accounting department. The attack usually takes the form of an email which looks like it came from the compromised colleague, and since the fraudsters are likely to have studied the company’s processes and procedures; they are likely to be successful in tricking the employee.
Have you ever received a voice message from your “bank” asking you to call a number to verify your details or pin? Well, you may have just been in contact with a fraudster. Vishing is basically phishing but over the phone thus using voice. The number provided to call will typically ring straight to the attacker’s phone via voice-over-IP service and divulging information will lead to data access.
You need to be highly suspicious when receiving a similar message to what you had received earlier but with a different attachment. Attackers have been known to clone previous legitimate messages to get victims to click and open malicious attachments. They may even have an explanation as to why the message had to be resent. An attacker may also use a cloned website with a spoofed domain to get more access.
Phishing is among the most common form of cyber-attacks, and it clearly proves that any employee or individual can be used to get to the system. Organizations and individuals may be vulnerable to the above, and it is advisable for them to take a keen interest in the safety of their information. User education should be at the forefront of anyone wanting to secure their information. Investing in good antivirus software for all devices, implementing virus database updates along with security upgrades issued by a trusted Internet Service Provider on a regular basis are some of the ways of getting secure these may not protect sensitive information fully but it is a good start to ensuring the same.
Are there any other forms of phishing that you are aware of?
Note: This post was sponsored by ARGUS LABS LIMITED
More from ESX Virtualization
- ESXi Free vs Paid – What are the differences?
- What is VMware vCenter Convergence Tool?
- ESXi Free vs Paid – What are the differences?
- How To Reset ESXi Root Password via Microsoft AD
- How to Patch VMware vCenter Server Appliance (VCSA) 6.7 Offline
- How To do a Dry Run of an esxcli Installation or Upgrade on VMware ESXi
- Veeam Availability Console Released (VAC)