What is phishing?

Phishing is one of the most common types of online scam, and it takes many forms. It tricks the user by impersonating the websites they trust the most, such as bank or social media login pages, usually at an address that differs from the real one only by a barely noticeable change in the name. Most often you receive an email asking you to log in to your bank or other account to verify or confirm your data, together with a link to the fake page. Note, however, that such websites never ask you to do this.

Criminals who use this type of attack are after your personal information, such as credit card numbers, insurance details, and the logins and passwords to your online accounts. This is the most popular and most common form of direct attack, and it is much easier and more effective than, for example, breaking through the firewalls and other defences of various kinds of software.

How do I recognize phishing (a phishing message)?

Typically, the victim receives an email from a sender using an address similar to one they know, or pretending to be a known company, which contains a link to an infected page. It may also carry an unsafe attachment that installs malicious software on your computer once downloaded. So how do you recognize an email that uses a well-known company's logo and impersonates it, or comes from an address that merely resembles one you know well?

There are a few things to look out for that should arouse your suspicion:

  • The message contains links with spelling errors, links to subdomains, or links to other suspicious websites
  • The sender uses an email alias pretending to be a company or service, and you have to click through to see the sender's real address
  • The sender uses a public email service such as Gmail, Hotmail, etc.
  • The message is written in a way that is meant to arouse fear
  • Not always, but often, the message asks you to verify personal information such as credit card details or a password
  • The language of the message is simple and may contain errors or typos

Manipulating links

Phishing attacks aim to redirect you to fake websites where you enter valuable data such as logins and passwords. To raise as little suspicion as possible, the senders carefully manipulate the links in their messages, especially those that imitate bank addresses.

In older browsers such as Internet Explorer 6, cybercriminals could exploit the ability to hide the real web address. In email messages it is also very easy to hide the real link behind a piece of linked text.

The last technique relies on your inattention: a link with a typo, e.g. paypai.com instead of paypal.com. Often a period (e.g. bankname.com.login instead of bankname.com/login) or a dash takes the place of the slash in the link. It also happens that words are swapped around, as in login-nazwatwojegobanku.pl (login-yourbankname.pl). Usually such an error goes unnoticed.
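The indicators from the list above (public webmail sender, a display name that does not match the address, fear language, a request for credentials) and the link tricks just described (a typo in the domain, the brand name buried in a subdomain or a hyphenated label, link text that differs from the real target, plain HTTP) can be checked mechanically. The script below is an added example written for this page, not code from the original article: the brand list, the provider list, the phrase lists and the sample message are all constructed, and the "registered domain" helper is deliberately crude (it takes the last two labels and does not use a public-suffix list).

```python
import re
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed allowlist for this example: brand keyword -> the domain that legitimately uses it.
KNOWN_BRANDS = {"paypal": "paypal.com", "bankname": "bankname.com"}
PUBLIC_MAIL_PROVIDERS = {"gmail.com", "hotmail.com", "outlook.com", "yahoo.com"}
URGENCY_PHRASES = ("immediately", "suspended", "within 24 hours", "urgent")
CREDENTIAL_PHRASES = ("password", "card number", "cvv")


def host_of(url_or_domain: str) -> str:
    """Host name of a URL or bare domain, lower-cased."""
    text = url_or_domain if "://" in url_or_domain else "http://" + url_or_domain
    return (urlparse(text).hostname or "").lower()


def registered_domain(host: str) -> str:
    """Last two labels of a host. Crude on purpose: no public-suffix list, so bank.co.uk -> co.uk."""
    return ".".join(host.lower().strip(".").split(".")[-2:])


def levenshtein(a: str, b: str) -> int:
    """Edit distance, used to catch one- or two-character typosquats such as paypai vs paypal."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def url_indicators(href: str) -> list[str]:
    """Indicators for one link target: plain http, brand name in the wrong domain, typosquat."""
    found = []
    host = host_of(href)
    reg = registered_domain(host)
    if not href.lower().startswith("https://"):
        found.append(f"link {host} is not https")
    for brand, legit in KNOWN_BRANDS.items():
        if reg == legit:
            continue
        if any(brand in label for label in host.split(".")):
            # Brand buried in a subdomain or hyphenated label: bankname.com.login..., login-bankname.pl
            found.append(f"link {host} uses brand '{brand}' but registered domain is {reg}")
        elif 0 < levenshtein(reg.split(".")[0], brand) <= 2:
            found.append(f"link {host} looks like a typo of {legit}")
    return found


class _LinkExtractor(HTMLParser):
    """Collects (href, visible text) pairs so the shown address can be compared with the real target."""

    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def phishing_indicators(from_header: str, body_html: str) -> list[str]:
    """All indicators found in one message; an empty list means none of the checks fired."""
    found = []
    display, address = parseaddr(from_header)
    sender_domain = address.rpartition("@")[2].lower()
    if sender_domain in PUBLIC_MAIL_PROVIDERS:
        found.append(f"sender uses public webmail ({sender_domain})")
    for brand, legit in KNOWN_BRANDS.items():
        if brand in display.lower() and registered_domain(sender_domain) != legit:
            found.append(f"display name claims '{brand}' but address is @{sender_domain}")
    extractor = _LinkExtractor()
    extractor.feed(body_html)
    for href, text in extractor.links:
        found.extend(url_indicators(href))
        # Link text that itself looks like a URL or domain must point where it says it does.
        if re.fullmatch(r"(?:https?://)?[\w.-]+\.[a-z]{2,}(?:/\S*)?", text, re.I):
            if registered_domain(host_of(text)) != registered_domain(host_of(href)):
                found.append(f"link text shows {host_of(text)} but target is {host_of(href)}")
    plain = re.sub(r"<[^>]+>", " ", body_html).lower()
    if any(p in plain for p in URGENCY_PHRASES):
        found.append("body uses urgency or fear language")
    if any(p in plain for p in CREDENTIAL_PHRASES):
        found.append("body asks for credentials or card data")
    return found


# Constructed sample message combining several of the indicators above.
SAMPLE_FROM = "PayPal Security <security-alerts@gmail.com>"
SAMPLE_BODY = """<p>Your account has been suspended. Verify your password immediately at
<a href="http://www.paypai.com/signin">www.paypal.com/signin</a> or at
<a href="http://bankname.com.login-check.example/">your bank</a>.</p>"""

if __name__ == "__main__":
    for indicator in phishing_indicators(SAMPLE_FROM, SAMPLE_BODY):
        print("-", indicator)
```

Run on the constructed sample it reports nine indicators, from the Gmail sender to the typo in paypai.com and the bank name hidden in a subdomain. None of these checks is conclusive on its own: a missing HTTPS is treated as just one signal, since a lookalike site can obtain a certificate as easily as a real one, and the two-label "registered domain" will misjudge country-code domains such as co.uk, so a production filter would use the public-suffix list and score the indicators rather than count them.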

Types of phishing

Hackers use a variety of techniques to increase their chances of a successful attack, playing on fear, naivety and error.

Common to all these link manipulation techniques is that each directs you to a page where you have to log in or provide your credit card details, which then end up in the attacker's database.

Based on the method used by cybercriminals, several types of phishing can be distinguished:

Spear phishing

This type of attack is directed at a specific person or company after detailed information about them has been collected beforehand. Personalized messages are used to increase effectiveness and credibility. These emails often contain information about colleagues or executives in your company, as well as personal details such as your first and last name, current location and other information.

Whaling

Whaling is spear phishing aimed at the most valuable targets, such as senior executives. The attack is prepared in the same way: detailed information about the target is collected beforehand, and personalized messages are used to increase effectiveness and credibility. These emails often contain information about colleagues or executives in your company, as well as personal details such as your first and last name, current location and other information.

Clone phishing

This type of attack uses a copy of an authentic message containing an attachment or website address, in which the attacker replaces the original with fake and dangerous links to websites or downloads. This increases the chance of deceiving a victim who, without checking the sender and the link, clicks and downloads the infected content or enters their data.

Phone and SMS phishing

In phishing by phone, also called "vishing", the caller poses as a representative of the bank, the police or even the tax office. The aim is to intimidate the victim, inform them about serious problems and force them to provide personal data for verification or to pay a penalty immediately. The caller usually indicates that payment can be made by ordinary transfer or by prepaid card, which cannot be traced.

SMS phishing, also known as "smishing", is in turn very similar to email attacks and involves sending a malicious link via SMS.

Pharming

This is another type of phishing, much more dangerous and harder to detect, which can take two forms. In the first, a DNS server is compromised so that requests for a selected site are redirected to an identical-looking page run by cybercriminals. Here the entire DNS server is poisoned, every user who relies on it is sent to the fake page, and the data entered there is saved in the attacker's database. The second form works on a smaller scale: it infects your computer with malware so that, when you type an address such as your bank's into the browser, a page opens that looks identical to the real one but belongs to the scammers.

419/Nigerian scams

The name comes from the first attack of its kind, which draws the victim into a psychological game whose purpose is to extort money, a credit card number or bank account details. Probably each of us has at some point received a message in which a certain person wants to share their winnings with us or keep their money in our account, and offers a cash reward for the favor. To take advantage of this opportunity, however, the recipient has to provide their data or pay the indicated fees, usually said to cover necessary formalities. After these are paid, the reward never arrives, and money lost in this type of attack is practically impossible to recover.

Currently, in most phishing attacks criminals choose the specific people they want to cheat, but there are still cases where messages are sent out en masse in the hope of reaching someone who will take the bait.

How do I remove phishing if I've been a victim?

First, scan your smartphone, computer or tablet for threats with antivirus software and delete or quarantine suspicious files so that the attackers cannot spy on you or intercept more of your data. Choose antivirus protection that includes full online threat protection.

Secondly, immediately after the antivirus scan, change all your passwords, using long and complex combinations of letters, numbers and special characters. A unique, strong password may be harder to remember, but it provides greater security in the future.

Thirdly, report the problem to your bank and email providers and inform the proper authorities about the situation. Every step you take increases your chances of recovering funds if they disappear from your bank account and reduces the risk of further attacks.

Protection against phishing. How do I prevent attacks?

As we wrote earlier, phishing is a threat to any device connected to the Internet. The most important thing in protecting against it is your vigilance. Remember that phishers are waiting for your moment of inattention. You can also use antivirus software to warn you and to protect your computer and data if the attackers do manage to deceive you.

Here are some of the best practices to keep you safe:

  • Don't open emails from unknown senders; delete them instead.
  • If a suspicious email contains a link, it's best not to click it at all, or to reach the site by typing the address manually into your browser.
  • The address of every page you visit should start with "HTTPS", where the "S" means the connection is protected by the appropriate encryption protocol, which reduces the risk of attacks on the connection. Avoid pages whose address shows only "HTTP".
  • If an email seems suspicious, copy its content or the sender's address into a web search engine and check whether there is information about attacks associated with that message.
  • If you are told you have won something (e.g. a new iPhone, or a lottery you never entered), that should be a red flag. If it sounds too good to be true, it most likely is.

Summary

Effective protection does not have to involve large financial costs. It is enough to remember to train employees properly and to set boundaries and rules of cooperation. The foundation is vigilance, which can be strengthened by installing antivirus software and a firewall on all company devices and on employees' private devices. Such a solution ensures 24/7 protection against threats from the network, e.g. ransomware, password-stealing bots and the most harmful viruses. Nowadays, taking care of the security of ICT data is fundamental in every company, because stolen data can contribute to its collapse.