Phishing

Approximately 156 million phishing emails are sent every day. Phishing is a commonly used hack that impersonates a person or a company to gain information about people, it can also be used to install malware on a computer. It is easier for hackers to get people to click on malicious links through a legitimate email.

credit_card_phishing-600x400

Types of Phishing

  • Spear phishing – Targets specific people or companies using specific information to the person or the company to gain unauthorized information. They also appear to come from secure and trusted sources so that the person is more likely to give information away.
  • Pharming – Redirects traffic from a websites traffic to a fraud website, and the person enters their personal information such as passwords and credit card details into the website, thinking that the website is legitimate. The hackers then has digital control of your accounts. It does this by editing and replacing host files, the host files are like an internal Domain Name Server (DNS).
  • Deceptive phishing – Targets many people when an email, text or something of that sorts, again this will impersonate a trusted company to redirect people to a bogus website.

phishing03_web

Prevention

Phishing attacks can be prevented by people being more aware.

  • Learn to identify fake emails, for example: bank will never ask for personal details over email.
  • Access websites by typing the URL into the browsers and you should not access website via hyperlinks and attachments.
  • Double check before entering personal information in any website, make sure the website is trustworthy and legitimate.
  • If the website offers something which is too good to be true it is probably fake.
  • Change your host file to read only this means that a hackers can not redirect you to a fake website.
  • Look at the URL before opening hyperlinks, make sure the URL is not that of a fake website.

What are your thought? Leave your thoughts in the comments.

Advertisements

2 thoughts on “Phishing

  1. I agree that people need to be more security aware, and the tips you have listed above will help people avoid phishing scams. But the phishers are getting better, and the scams are often convincing. It is becoming harder to identify phishing scams.

    The risks to businesses from phishing are considerable. It is the number one threat and training employees once a year is no longer enough. Businesses need to be conducting regular security awareness training sessions to reinforce the above positive behaviors. They should be conducting phishing simulations to find out how effective their training has been, and they need a very good spam filter too to catch the majority of emails.

    Unfortunately, it often takes a major phishing attack or a data breach for them to realize this.

    Like

    • Thank you for your comment.
      I also agree with your comment Phishing is evolving and we need to also improve. We can’t stick with our outdated security strategies. We should be consistently looking for ways to improve the security of our systems. But I think that the problem is that companies don’t spend enough money and allocate enough resources to improve cyber security. As you said it takes a major attack to reach the news and make companies and people realize the seriousness of online security.
      Do you think we will see a rise in Phishing attacks in 2018?

      Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s