Phishing: A deep dive into the most trusted and favorite attack method that continues to wreak havoc worldwide

• Phishing is a fraudulent practice of contacting targets by email, telephone or text message.
• The sensitive data extracted in such attacks include login credentials, personal information and credit card information.

A report from a security firm F5 has revealed that there has been an uptick in phishing attacks across different organizations. Around seventy-one percent of phishing attacks were detected between September and October 2018, which in turn is an alarming situation. A majority of these phishing attacks relied on impersonation CEOs to drain out money from the firms and there is no stop to such attacks.

In simple words, phishing is a fraudulent practice of contacting targets by email, telephone or text message by posing as a legitimate entity and luring individuals into providing sensitive data. The sensitive data extracted in such attacks include login credentials, personal information and credit card information. Apart from stealing information, the phishing attacks have recently been leveraged to install malware or to freeze a system.

Perils of phishing attack

A successful attack can have a devastating effect. For individuals, it includes unauthorized purchases, stealing of funds and identity theft. In some instance, phishing emails are sent to obtain login information or other details of employees so that they can be used in future attacks against a specific company. Lately, the APTs have been using the attack method to distribute ransomware.

Common types of phishing attacks

Spear phishing

Spear phishing is an email-spoofing attack that is used against a specific organization or individual. This is achieved by acquiring personal details of a victim by scanning a social networking site. From a profile, the attackers will able to gather a lot of information about the targeted victim that includes an email address, friends list, geographic location and more. With all this information in hand, the attacker would be able to act as a person known to the victims and send a convincing but fraud message to the target.

Often these messages contain urgent explanations and prompt the targeted individual to share his personal information.

Whaling

Whaling attack occurs when an attacker masquerades as a senior executive such as CEO or CFO of an organization with the aim of stealing money or sensitive information or gaining information for criminal purposes. The attack is named as it involves a bigger size of targets. The attacker spoofs the email address and actual logo of the company to make the targeted individual believe that he is opening an email from a trusted entity. The attack is prominent in businesses such as banks and government agencies.

Pharming

Pharming involves the use of a fraudulent website that appears to be legitimate. The attack is intended to redirect users to fake sites without their knowledge or consent. The attackers send legitimate-looking emails that appear to come from some of the popular sites. These emails contain bogus links which when clicked, takes users to a fake website and asks for personal details. In some instance, pharming attack can also be used to spread malware such as spyware on a victim’s machine.

Staying safe

One way to protect yourself from phishing attack is by recognizing a phishing email.

• Look spelling and grammatical mistakes as well as the sender’s address, as this helps to identify if the person is truly the same whom he claims to be.
• Do not open attachments that come from an untrusted source over email.
• Do not click on links that appear to come from a familiar domain. Instead, visit the site directly by typing the name in the URL address.
• Organizations should implement anti-spoofing tools such as DMARC, DKIM and SPF to detect spoofed emails.