Phishing. Haven't we heard about this over and over again? What is the first thing that comes to your mind? Spam emails, am I right? People have written about this topic many times, so what is new in this blog? This is mainly an awareness post, meant to help users recognise the current trends in phishing attacks. So, without further ado, let's go straight to the topic.
Phishing is a type of social engineering attack and an age-old technique in which threat actors send deceptive emails to lure potential victims into revealing sensitive information or installing malicious software on their systems. Figure 1 shows how threat actors lure unsuspecting users.
Figure 1: Depicting a Phishing Scenario
Earlier, threat actors used only email for such attacks. Nowadays SMS text messages (Smishing) and telephone calls (Vishing) have also gained popularity. However, the primary vector is still email.
Why is phishing still widespread?
Humans are both the easiest and the hardest target to attack: easiest when users are naive, hardest when they are well trained to recognise the various attack trends.
Nowadays, instead of spamming a victim's inbox, threat actors run targeted attacks against carefully chosen individuals. A common choice these days is senior executives such as CEOs, CTOs and HR heads; this type of targeted attack is called Whaling. Email and website spoofing are the common infection vectors. Figure 2 depicts website spoofing.
Figure 2: Website Spoofing
Another type of targeted attack is Spear Phishing, in which specific individuals within an organisation are targeted, such as members of the IT security or finance teams. Whaling, described above, is the variant of spear phishing aimed at senior executives.
Apart from causing financial loss and disrupting operations, these targeted attacks also damage the organisation's reputation and the trust of its users, business partners and others.
How do threat actors deploy phishing attacks?
Attackers rely on several techniques to make such attacks succeed. Let us discuss a few of them.
Domain Squatting: The practice of registering a domain name to prevent someone else, usually an organisation with a legitimate claim to it, from using it. For instance, if an organisation is planning to launch a new product and intends to use the product name in its website address, a threat actor may already have registered that domain, and the organisation will have to pay a hefty sum to acquire the rights to it. In phishing, the related practice of registering look-alike domains (typosquatting), such as a misspelling of a brand name, a different top-level domain, or the brand name placed as a subdomain of an attacker-owned domain, is what lures users onto a spoofed site.
Website Spoofing: Creating a carbon copy of a legitimate website and fooling users into visiting it and entering the information the threat actors want. The copy is typically hosted on a look-alike domain and linked from a phishing email.
Phishing Kits: Threat actors sell phishing kits on darknet markets. These are ready-made templates for building a phishing site, so even a novice threat actor can weaponise them.
Why do victims repeatedly fall prey to phishing?
Most of the time, users fall prey because of human error. Untrained employees are the easiest target. However, trained users can also fall prey to these attacks, because threat actors use new, sophisticated and convincing techniques such as those described above to trap them. Overworked employees are also easy targets, as they may click on a malicious link without noticing or share sensitive information without a second thought.
How to stay safe from such attacks?
- Do not give out sensitive information without verifying the requester's authenticity, for example by contacting the organisation through a phone number or website you already know rather than one given in the message
- Think twice before you click! Hover over a link to see the address it actually leads to
- Keep your browser up to date
- Train yourself and stay up to date on phishing techniques
- Regularly check your online accounts and validate all your transactions
- Check the website's security: before entering credentials, confirm that the address bar shows the organisation's real domain and not a look-alike or a subdomain of some other domain
- Use firewalls
- Be cautious about pop-ups
- Use a reputed antivirus product such as "K7 Total Security" and keep it up to date to stay protected against such threats
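As an added example (not code from the original post or from K7 Security), the following Python script shows how the look-alike domain tricks described under Domain Squatting and Website Spoofing, and the "check the real domain before you click" advice above, can be turned into a mechanical check: it pulls every URL out of a message, parses the host the browser would actually connect to, and compares it against a protected brand domain. The brand domain `acmebank.com`, the sample email and the homoglyph table are constructed for illustration and are hypothetical; the registrable-domain logic simply takes the last two labels, which is a simplification of what a Public Suffix List lookup would give.

```python
import re
from urllib.parse import urlparse

# Hypothetical brand domain the organisation wants to protect (assumption,
# not a real organisation).
LEGIT_DOMAINS = {"acmebank.com"}

# Character substitutions commonly used to build look-alike domain names.
# Multi-character pairs ("rn" looks like "m") must be folded first.
HOMOGLYPHS = [("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("3", "e"), ("5", "s")]

URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)


def extract_urls(text):
    """Return every http(s) URL found in a message body."""
    return URL_RE.findall(text)


def registrable_domain(host):
    """Last two labels of a host name, e.g. 'login.evil.net' -> 'evil.net'.
    Simplification: real code should consult the Public Suffix List so that
    'bank.co.uk' is not reduced to 'co.uk'."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def fold_homoglyphs(label):
    """Replace look-alike characters with the letters they imitate."""
    for fake, real in HOMOGLYPHS:
        label = label.replace(fake, real)
    return label


def levenshtein(a, b):
    """Edit distance between two strings (insert/delete/substitute)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_url(url, legit=LEGIT_DOMAINS):
    """Classify a URL by how its host relates to the protected brand domains."""
    host = (urlparse(url).hostname or "").lower().rstrip(".")
    if not host:
        return "no_host"
    reg = registrable_domain(host)
    if reg in legit:
        return "legitimate"
    sld = reg.split(".")[0]
    for brand_domain in legit:
        brand = brand_domain.split(".")[0]
        # The brand domain appears at a label boundary inside a host the
        # attacker controls: acmebank.com.account-verify.net really belongs
        # to account-verify.net, as does acmebank.com-secure.net.
        if re.search(r"(^|\.)" + re.escape(brand_domain) + r"(\.|-)", host):
            return "brand_in_subdomain"
        # Same second-level label, different top-level domain: acmebank.net
        if sld == brand:
            return "tld_swap"
        # Look-alike characters: acrnebank.com reads as acmebank.com
        if fold_homoglyphs(sld) == brand:
            return "homoglyph"
        # Misspelling within two edits: acmebnak.co
        if levenshtein(sld, brand) <= 2:
            return "typosquat"
    return "unknown"


def scan_email(text, legit=LEGIT_DOMAINS):
    """Return (url, verdict) pairs for every link in the message."""
    return [(u, classify_url(u, legit)) for u in extract_urls(text)]


# Constructed sample message (not a real phishing email).
SAMPLE_EMAIL = """Dear customer,
Your account has been locked. Verify now at https://acmebank.com.account-verify.net/login
or reset your password at https://acrnebank.com/reset within 24 hours.
Genuine help: https://acmebank.com/help
Unrelated: https://news.example.org/story
"""

if __name__ == "__main__":
    for url, verdict in scan_email(SAMPLE_EMAIL):
        print(f"{verdict:20} {url}")
```

Running the script prints one verdict per link: the first two links are flagged as a brand-in-subdomain spoof and a homoglyph look-alike, the genuine help link is accepted, and the unrelated news link is reported as unknown rather than trusted. The important point for users is the one the script makes mechanical: the part of the address that matters is the registrable domain the browser will connect to, not whether the brand name appears somewhere in the link.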