Phishing A Major Cyber Threat
It’s a type of social engineering to trick users into sharing sensitive personal information like usernames, passwords and credit card number details with Cyber Criminals.
Phishing has been around since the 1990s and still going strong:
“The Comodo Cyber Security 2018 Global Threat Report lists email phishing as the most common method of attack”
“According to the Proofpoint 2019 State of the Phish Report, reports of credential compromise in 2018 rose 70% over 2017 and 280% since 2016”
The most common phishing technique is to send a fraudulent email to a targeted user, the email is designed to look like it came from a trusted source and it looks urgent so the potential victim will open it. Phishing email subject lines will sound urgent and important enough to not ignore such as:
Typically, the email will contain a manipulated link that looks like it goes to a real website, if the targeted user clicks the link then it routes to a forged website designed to look like a real one.
Once there, the target will usually be prompted to enter the username and password for the website and if do the attacker will now have the login credentials for the real website. Depending on the website, it can turn into an immediate loss of information and/or money for the victim.
One of the keys to a successful email attack is to look like they came from trusted brands so phishing attackers frequently opt to use brand names like Microsoft, Paypal, Google, DHL, Dropbox, etc.
1- Untargeted Phishing: Tossing out a big net with the hope to catch as many victims as possible.
2- Spear-phishing: Customizes email attacks to specific users hoping that the illusion of familiarity will create trust.
3- Whaling: Spear-phishing directed at senior business executives who likely control significant financial assets.
“Comodo Cyber Security 2018 Global Threat Report state that enterprise users receive 16-20 malicious emails each month on average”
Since phishing email attacks are cheap, simple and effective, we can expect that such attacks will continue to be one of the most common Cyber Security threats landscape.
Ransomware attacks have emerged as one of the most challenging cybersecurity threats facing businesses today. With attackers constantly evolving their…
In the realm of Cybersecurity, vulnerability scanning tools play a pivotal role in identifying and addressing potential weaknesses within an…
Dark web monitoring serves as a critical component within the broader spectrum of cybersecurity solutions, playing a proactive role in…
In the fast-paced digital landscape of today, mobile applications have become an integral part of our lives. From social networking…
In the ever-evolving landscape of cybersecurity, penetration testing plays a crucial role in identifying vulnerabilities within an organization's systems and…
Understanding VAPT (Vulnerability Assessment and Penetration Testing) Vulnerability Assessment and Penetration Testing (VAPT) is a proactive approach to security evaluation.…