In this article, I’m going to discuss phishing and what types of phishing and give examples of phishing techniques.
What is phishing?
Phishing is a social engineering attack that is widely used to steal user information, including credentials and credit card numbers. Occurs when an attacker pretends to be a proxy to trick the victim into opening an email, instant message, or text message.
Then, the recipient is tricked into clicking on a malicious link, which may result in the installation of malware, system crashes due to ransomware attacks, or disclosure of sensitive information.
An attack can have devastating consequences. For individuals, this includes unauthorised purchases, money theft or identity theft.
In addition, as part of large-scale attacks such as advanced persistent threat (APT) incidents, phishing is often used to infiltrate corporate or government networks. In the latter case, employees are threatened to bypass the security perimeter and spread malware within the security zone. Close the environment or gain privileged access to protected data.
In addition to declining market share, reputation, and consumer confidence, companies that cannot withstand such attacks often suffer significant economic losses. Depending on the scope, phishing attempts may become a security incident that companies cannot get rid of.
Exapmple for phishing
If we need to access the Facebook page means we need to go for the www.facebook.com address. because only this address shows the Facebook page. and if we type our username and password means our account will be opened.
But the hacker downloads the Facebook page source code and edits some data. then host that edited file into their local network or website after that they sent that link to the victim
If that victim clicks that link means the Facebook page will be shown. if that victim type any data like username and password all that data sent to the hacker.
See the below image. this image shows the Facebook page. but sees the URL of the page that URL, not Facebook URL
Types of phishing
so many types are there but I’m telling you the most used phishing attacks.
- Email phishing
- Spear phishing
- Whaling phishing
- Clone phishing
- Evil Twin phishing
- Social media phishing
- Search engine phishing