Do we all know what phishing is? Phishing attacks are getting more common every day. Awareness is the best preventive tool when it comes to stopping phishing attacks.
The pandemic drastically affected the increase of phishing attacks, since many employees started to work remotely. The vulnerability of data was also increased by employees using their personal devices. So what is Phishing? and What are the most common types of it?
Phishing is a kind of social engineering attack. It means that such attacks rely on human interaction and induce a user to make a mistake. This mistake will lead to bypassing a security system and compromising a device or a network.
Phishing can be generic scam emails or very personalized and targeted emails. Personalized phishing attacks are tailored to a specific person, they can use information collected from a leak of personal data.
The 5 Most common phishing attacks
Email phishing is the most common type of phishing that has been used since the 1990s. Emails are sent by hackers to any email addresses that they can obtain. Such emails contain malicious links, but a user can usually detect some grammar and spelling mistakes.
Spear phishing is a tactic that uses emails, social media, or other platforms in a highly targeted manner. A spear phishing attack tries to get a user to perform an action that can compromise a network, data loss, or financial loss. It targets a specific person or group of individuals and requires time and in-depth research. A typical spear-phishing attack is an email that looks very close to one you might receive from a friend or colleague, along with a hyperlink to a malicious site.
Whaling is a targeted way of spear phishing that aims to target ‘a bigger phish’ such as a CEO, CFO, or someone else at the top of an organization. A malicious link is sent with an email that redirects to a page filled with viruses.
Vishing attacks use personal information in a similar way as email phishing attacks, but instead of using email it uses telephone communication. It is simply another way to reach the user via a voice call. This call can be, for example, a call that pretends to be from a known organization or company where the targeted user is asked to provide credit card information.
More and more businesses are more concerned about smishing. This is when an attacker sends malicious text messages to users that include malicious links. This form of attack is becoming popular and it entices users to open it as they tend to trust messaging apps more than emails, as they are easier and faster to use. It is easier for a hacker to find a personal phone number compared to other personal data.
Stay always aware and informed with MonkPhish!
Follow us on social media today!