computer security info Blog's Page

Back To Blog

What Is Phishing?

  Category:  MALWARE | 2020-02-10 | Author:  CSI TEAM

computer security info

Buy Now - Malware Removal Software

Phishing Is The Fraudulent Practice Of Sending Emails Purporting To Be From Reputable Companies In Order To Induce Individuals To Reveal Personal Information, Such As Passwords And Credit Card Numbers. Phishing Is The Attempt To Obtain Sensitive Information Such As User Names, Passwords, And Credit Card Details (and, Indirectly, Money), Often For Malicious Reasons, By Disguising As A Trustworthy Entity In An Electronic Communication.

The Word Is A Neologism Created As A Homophone Of Fishing Due To The Similarity Of Using A Bait In An Attempt To Catch A Victim. Phishing Is Typically Carried Out By Email Spoofing Or Instant Messaging, And It Often Directs Users To Enter Personal Information At A Fake Website Whose Look And Feel Are Almost Identical To The Legitimate One.

The Communications Purporting To Be From Social Web Sites, Auction Sites, Banks, Online Payment Processors Or IT Administrators Are Often Used To Lure Victims. Phishing Emails May Contain Links To Websites That Are Infected With Malware.

Phishing Is An Example Of Social Engineering Techniques Used To Deceive Users, And Exploits Weaknesses In Current Web Security. Attempts To Deal With The Growing Number Of Reported Phishing Incidents Include Legislation, User Training, Public Awareness, And Technical Security Measures. Many Websites Have Now Created Secondary Tools For Applications, Like Maps For Games, But They Should Be Clearly Marked As To Who Wrote Them, And Users Should Not Use The Same Passwords Anywhere On The Internet.

How Does Phishing Work?

Phishing Attacks Are Scams That Attempt To Trick The Recipient Into Providing Confidential Information Such As Account Credentials To An Attacker. Or Unintentionally Installing Malware Through The Use Of Links Or Attachments As Ruses. A Victim Receives An Email With Either An URL Link Or Attachment Purporting To Be From A Known Sender Or Entity He/she Does Business With, Such As A Bank Or Other Service Provider.

For URL Phishing Attacks, The Email Message May Ask The Recipient To Log Into Their Service Provider Account In Order To Complete A Security Update. If The Recipient Clicks The URL Link, They Are Taken To A Fake Web Page Or Login Page Which Looks Very Similar To The Site Of The Organization The Attacker Is Imitating. When The User Puts In Their Login Information, The Information Is Actually Sent To The Attacker, And The User Is Redirected To The Actual Site, Thinking They Mistyped Credentials The First Time.

For Attachment Phishing Attacks, The Attachment May Be Embedded With Malicious Macros Or Software That Runs When The User Opens The Document Or Enables Its Contents. This Then Installs Malware On The User’s Machine That Can Let The Attacker Steal Information Or Take Control Of The System.

How To Protect Machine From Phishing?

User Education Around Signs To Look For When An Email Looks Or Feels Suspicious Definitely Helps To Reduce Successful User Machine Compromises. However, Since User Behaviour Is Not Predictable, Typically Security Solution-driven Phishing Detection Is Critical.

Some Email Gateway Reputation-based Solutions Do Have The Ability To Catch And Classify Phishing Based On The Known Bad Reputation Of The Embedded URLs. What Gets Missed By These Solutions Are Often Well-crafted Phishing Messages With URLs From Compromised Legitimate Websites That Don’t Have A Bad Reputation At The Time Of Delivery Of Email.

Opt Instead For A System That Identifies Suspicious Email Based On Analytical, Which Looks For Unusual Patterns In Traffic To Identify Suspicious Emails, Then Rewrites The Embedded URL And Maintains A Constant Watch On The URL For In-page Exploits And Downloads.

Phishing, What Is A Phishing, How Phishing Remove From Pc, Spam Phishing

Buy Now - Software