What would you do if you wanted someone’s password for an account? You cannot just ask immediately because that will never work if you are a trusted friend. So what you do next is set up a trap and fake the users to retrieve it. In this post, I am sharing necessary details on Phishing and types of Phishing.
What is Phishing? Types of Phishing
Let’s say I have an account is some XYZ bank, which is widespread, and you know it. Since you cannot get the details directly, you send me an email disguised as coming from that bank. It is designed using real using logos, correctly formatted sentences, and the bank’s manager’s name under it. It is almost impossible for me to find if that email is fake.
Next, I read the email in which you had also asked me to “Please follow the link and confirm your password, as it’s going to expire today.” I follow it and end up giving my account details. It is called phishing.
According to Wikipedia :
Phishing is a Criminal activity using social engineering techniques. Phishers attempt to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business in an electronic communication. (Wikipedia)
Types of Phishing
An SMS message designed to scare the recipient into calling a number to enquire about something (like a piece of fake purchase information or tempting lottery money) would provide the attacker a validation of your number, meaning he knows that this number is valid.
In today’s world, most people have a phone, and they work as well as personal computers. A spam link sent over an SMS can be instantly opened on your phone. An alternate way is to ask people to call and lure them into a trap.
These are a severe threat to the mobile because of the technology itself. As technology advances, even the spammers get smarter because there are always loopholes. How fast they grow and spread is alarming now. Bluetooth, 5G, 4G, VOLTE. They can get into your mobiles in the form of wallpapers and ringtones. In short, anything we like and is attractive.
Once installed, they can spread themselves again through messages and can access your contact list. So one of the best solutions is don’t download or accept these things unless you know you were supposed to get them.
Spear phishing is targeted at a specific group or an enterprise. Let’s say you are an employee of a company, and you get an email that looks exactly like your project manager sent it. And in the email it asks you for vital information about the company. You don’t mind sending him(after all, he is your boss!!).
It’s intended to get viable information and passwords, and beware. They can contain trojans to knock down your system after you have given the details!! You can find the link ever back.