Cyber Resilience

Phishing attacks and their implications from Techwarn

February 17, 2020 by No Comments | Category Cyber Resilience, cyber threats and news

Phishing attacks and their implications

In the 21st century, a lot has changed in terms of technology. The advent of the internet has meant that most people have internet-connected devices. The Internet of Things IoT) describes connected devices that collect and also share data. Mobile phones, tablets, and computers are all used to access the internet. Unfortunately, there are malicious people who are always up to no good and take every opportunity to hack into systems for their own gain.

There are many ways in which hackers attack systems, and one of them is the phishing attack. Phishing is the most common of all cyber-attacks. Phishing uses email links that are disguised as official companies and used to lure a user into thinking they are legit. Hackers try to collect any crucial data such as SSID credentials, usernames or passwords. There are different types of phishing:

Spear phishing

If someone asked you what is a phishing attack? You would need to know that the different types of phishing include spear-phishing attacks, which are very target-oriented attacks. Hackers carry out research and gather data on their preferred targets. They obtain information from social media sites such as Facebook, Twitter or LinkedIn. The hackers proceed to send an email that has specific details. For example, if the targeted person has an issue with the power company, they may send an email purporting to be from the power company, complete with details. They create a fake power company site, then include a link in the email, redirecting you to that particular site. Once you click on the link, you open an avenue for the hackers to obtain your login and password details.

Vishing

Vishing means voice phishing via the phone. The hackers leave a voice message, supposedly coming from a legitimate institution such as the bank, phone or power company. The message request is usually for the target to call a specific number and then input their PIN or password. Once the call goes through to the said number, the hacker is connected to you via a voice-over IP-address.

Whaling

Whaling is an attack that specifically targets top board members in companies. These board members are not full-time employees in these companies, but instead, come in from time to time. This means they are prone to using personal emails instead of work emails to send and receive company mail. Since their personal emails are not very well protected.

Websites

Phishing attacks are sometimes found on websites that you visit on a regular basis. Hackers may trick you into calling a customer care number which is fake, or try to trick you into divulging your credit card details by using tricks such as lottery wins.

How to avoid phishing scams

There are several ways you can avoid phishing scams:

Do not click on strange links

Before clicking on any links in emails or instant messages, think twice. One way to tell if it’s legit is to hover on the link before clicking. If in doubt, check if the URL starts with https. If it is Http, then stay clear of that link. If need be, go to the company website directly via your browser.

Install a VPN

A VPN provides a secure channel for you to connect to the internet. It also allows you to connect to the internet incognito, in case anyone is listening in or snooping on your internet traffic. A VPN can also allow you to bypass any restrictions if you are in an internet restricted area or country.

Install an anti-phishing toolbar

Install an anti-phishing toolbar to run a quick scan on any site you visit, and run a comparative scan against the known phishing websites. The toolbar automatically sends you an alert in case it comes across any malicious sites.

Conclusion

Hacking is a reality most people do not come to terms with until it happens to them. Phishing is dangerous because it is common and comes in so many different variations that are not easy to spot. The only way to avoid being phished is to be extra vigilant and question everything. You have nothing to lose and everything to gain by questioning. The inverse is also true, you have everything to lose and nothing to gain if you do not question.

For more information follow @Techwarn or check out their website here 


Comments

Leave a comment

By submitting a comment, you understand it may be published on this public website. Please read our privacy policy to see how the Scottish Government handles your information.

Your email address will not be published. Required fields are marked *