Cyber Resilience
Phishing attacks and their implications from Techwarn
February 17, 2020 by danielwaddell No Comments | Category Cyber Resilience, cyber threats and news
Phishing attacks and their implications
In the 21st century, a lot has changed in terms of technology. The advent of the internet has meant that most people have internet-connected devices. The Internet of Things IoT) describes connected devices that collect and also share data. Mobile phones, tablets, and computers are all used to access the internet. Unfortunately, there are malicious people who are always up to no good and take every opportunity to hack into systems for their own gain.
There are many ways in which hackers attack systems, and one of them is the phishing attack. Phishing is the most common of all cyber-attacks. Phishing uses email links that are disguised as official companies and used to lure a user into thinking they are legit. Hackers try to collect any crucial data such as SSID credentials, usernames or passwords. There are different types of phishing:
Spear phishing
If someone asked you what is a phishing attack? You would need to know that the different types of phishing include spear-phishing attacks, which are very target-oriented attacks. Hackers carry out research and gather data on their preferred targets. They obtain information from social media sites such as Facebook, Twitter or LinkedIn. The hackers proceed to send an email that has specific details. For example, if the targeted person has an issue with the power company, they may send an email purporting to be from the power company, complete with details. They create a fake power company site, then include a link in the email, redirecting you to that particular site. Once you click on the link, you open an avenue for the hackers to obtain your login and password details.
Vishing
Vishing means voice phishing via the phone. The hackers leave a voice message, supposedly coming from a legitimate institution such as the bank, phone or power company. The message request is usually for the target to call a specific number and then input their PIN or password. Once the call goes through to the said number, the hacker is connected to you via a voice-over IP-address.
Whaling
Whaling is an attack that specifically targets top board members in companies. These board members are not full-time employees in these companies, but instead, come in from time to time. This means they are prone to using personal emails instead of work emails to send and receive company mail. Since their personal emails are not very well protected.
Websites
Phishing attacks are sometimes found on websites that you visit on a regular basis. Hackers may trick you into calling a customer care number which is fake, or try to trick you into divulging your credit card details by using tricks such as lottery wins.
How to avoid phishing scams
There are several ways you can avoid phishing scams:
Do not click on strange links
Before clicking on any links in emails or instant messages, think twice. One way to tell if it’s legit is to hover on the link before clicking. If in doubt, check if the URL starts with https. If it is Http, then stay clear of that link. If need be, go to the company website directly via your browser.
Install a VPN
A VPN provides a secure channel for you to connect to the internet. It also allows you to connect to the internet incognito, in case anyone is listening in or snooping on your internet traffic. A VPN can also allow you to bypass any restrictions if you are in an internet restricted area or country.
Install an anti-phishing toolbar
Install an anti-phishing toolbar to run a quick scan on any site you visit, and run a comparative scan against the known phishing websites. The toolbar automatically sends you an alert in case it comes across any malicious sites.
Conclusion
Hacking is a reality most people do not come to terms with until it happens to them. Phishing is dangerous because it is common and comes in so many different variations that are not easy to spot. The only way to avoid being phished is to be extra vigilant and question everything. You have nothing to lose and everything to gain by questioning. The inverse is also true, you have everything to lose and nothing to gain if you do not question.
For more information follow @Techwarn or check out their website here
Leave a comment