Cybercrime has shown its teeth in the last five years, most predominantly, in the online fraud cases caused by phishing. Have you ever noticed why you are receiving increasing number of spam or fake emails every day? These emails are pretending to be legitimate as they are made to look like they are coming from reputable government institutions, corporate companies, and well-known organizations, when in fact, they are not.
This is called Phishing fraud in which user information like user ID, password, credit card details is acquired during electronic communication, that is, if you give it to them. Phishing mail contain links to websites that are highly infected with malware, with the intention to bring users to the website and extract confidential details from them.
Lines of Attack
Email spoofing and instant messaging are a few types of Phishing fraud which frequently leads users to give out their details on a fake website. The fake sites, look similar to legitimate websites so you aren’t paying attention, you could fall for the trick. There are three techniques of phishing:
Spear Phishing targets chosen group like people from same company or organization instead of throwing thousands of emails randomly. They go up against upper-level targets. In Spear Phishing, the evident source of the e-mail is likely to be a person within the receiver’s own organization and generally, a person who holds authority.
In this technique, a hacker uses the contents and receiver’s address from a legitimate, previously sent mail to a receiver, except this time the content has been replaced with a phishing link, and a fake reply to address.
Whaling involves a web page or email that pretends to be a legitimate. Their target: senior managers in private companies who are in the position to disclose secret company information. Whaling attack emails comprise of a legal summon, consumer complaint, or managerial issues that require an urgent reply from the receiver.
How Phishing Attacks Harm Your Business
Phishing is a serious crime in the cyber world. Due to Phishing, there may be
- financial loss
- data loss
- blacklisting of institutions
- introduction of malware and viruses into a PC or a computer system
- illegal use of user’s details
- misuse of your social security number etc
The phisher can also take a user’s account details and open a new account on the name of the user for financial gain. Phishing can even be used to ruin someone’s life by misappropriating and misusing their personal details.
Phishing Attacks in 2012
According to Anti-Phishing Working Group (APWG), phishing activities have been increasing and most phishing websites are hosted in the US. In the last three months in 2012, an average of over 25,000 unique phishing email reports were reported to the APWG. Plus, the number of unique phishing sites detected exceeded 45,000 per month. For more detailed reports before the last quarter of 2012, click here.
Continue reading over at Hongkiat.com.