What would you do if you want someone’s password for an account? You cannot just ask right away, because that will never work if you are a trusted friend. So what you do next is set up a trap, fake the users to retrieve it. In this post, I am sharing necessary details on Phishing and types of Phishing.
What is Phishing? Types of Phishing
Let’s say I have an account is some xyz bank, which is widespread, and you know it. Since you cannot get the details directly, you send me an email that is disguised to be coming from that bank. It is designed using real using logos, correctly formatted sentences, and with the bank’s manager name under it. It is almost impossible for me to find if that email is fake.
Next, I read the email in which you had also asked me to “Please, follow the link and confirm your password, as its going to expire today.” I follow it and end up giving my account details. It is called phishing.
According to Wikipedia :
Phishing is termed as “Criminal activity using social engineering techniques. Phishers attempt to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business in an electronic communication.(Wikpedia)”
Types of Phishing
An SMS message designed to scare the recipient into calling a number to enquire about something (like a piece of fake purchase information or tempting lottery money) would provide the attacker a validation of your number, meaning he knows that this number is valid.
In today’s world, most people have a phone, and they work as good as personal computers. A spam link sent over an SMS can be instantly opened on your phone. An alternate way is to ask people to call and lure them into a trap.
These are a severe threat to the mobile because of the technology itself. As technology advances, even the spammers get smarter because there is always loopholes. How fast they grow and spread is alarming now. Bluetooth, 4G, VOLTE. They can get into your mobiles in the form of wallpapers, ringtones. In short anything, we like and is attractive.
Once installed, they can spread themselves again through messages and can access your contact list. So one of the best solutions is don’t download or accept these things unless you know you were supposed to get it.
Spear phishing is targeted at a specific group or an enterprise. Let’s say you are an employee of a company, and you get an email that looks exactly like your project manager sent it. And in the email, it asks you for vital information about the company. You don’t mind sending him(after all he is your boss!!).
Its intended to get viable information and passwords, and beware they can be containing trojans to knock down your system after you gave given the details!! You cant the link ever back.