What is Phishing? Types of Phishing Attacks & How to Stay Safe from Them - Full Guide


Many people are falling for phishing attacks these days, so I decided to write a clear article that helps non-technical readers too to recognise the various kinds of phishing attack and protect themselves from them.


WHAT IS PHISHING?

In simple terms, phishing is tricking someone into handing over sensitive information by impersonating a party they trust. The classic form is a duplicate of a real login page: it looks identical to the genuine one, the victim believes it is genuine, types in a username and password, and those credentials are sent to the attacker, who can then take over the account.

For example, if an attacker wants to take over your Facebook account, they build a copy of the Facebook login page so close to the official one that you cannot tell the difference by looking at it. You enter your credentials, the attacker's back end records them, and the fake page then redirects you to the real facebook.com. Because the genuine site appears next, you may never notice that your account has just been compromised.

Phishing is not limited to cloned pages. Faking an official conversation (an e-mail, a text message or a phone call that pretends to come from a bank, an employer or a service you use) is phishing too. The types described below show the different forms it takes. I hope this gives you some clarity on what phishing is.

HOW DOES PHISHING WORK?

The attacker creates a page or a conversation that imitates an official one and persuades the victim that it is genuine. That is the whole idea. Whatever the victim enters on the phishing page, whether a username and password, card details or a bank login, is stored on the attacker's server, and that is how the account gets compromised.

WHERE DOES THE NAME COME FROM?

A technique resembling phishing was described in a paper presented to the International HP Users Group (Interex) in 1987. The word itself dates from the mid-1990s AOL hacking scene: it blends "phreaking" (the older hacker term for telephone-system hacking) with "fishing", because the attacker casts out bait and waits for users to bite, cunningly fishing for their sensitive information.

TYPES OF PHISHING

The ten types below cover the phishing techniques commonly catalogued from the mid-1990s up to 2022. Attackers will keep inventing variations, but every one of them is built on the same trick, so let us understand each type in detail.

The first widely recorded phishing campaign, around 1995, targeted America Online (AOL) users with messages that impersonated AOL staff in order to harvest passwords and billing details.

EMAIL PHISHING

The attacker sends an e-mail that appears to come from an official source and contains a link to the phishing page, or announces that you have won a prize you must "claim now". Victims fall for it easily because they trust the apparent sender. This is the oldest form of phishing and still the most common.

For example, the attacker sends a mail saying, "You have won a jackpot of Rs. 1 crore; log in and fill out a short form to claim it." The victim clicks the link in the e-mail, "logs in" with their social-media or e-mail credentials, and those credentials are phished.
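The sender and link checks described above can be automated. The following Python script is an added example (not code from this article's author) that inspects a constructed sample e-mail for the usual giveaways: a display name that claims a brand while the sender's domain belongs to someone else, a Reply-To header pointing elsewhere, a generic greeting, and links whose visible text shows a different site than the address they really point to. Every address and domain in the sample, and the small BRAND_DOMAINS table, are made up for the example.

```python
"""Flag the classic signs of a phishing e-mail: a brand in the display name
whose sender domain does not belong to that brand, a Reply-To that goes
somewhere else, a generic greeting, and links whose visible text shows a
different site than the address they actually point to."""
import email
import re
from email import policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample message; every address and domain in it is made up.
SAMPLE = """\
From: "Facebook Security" <alerts@fb-security-team.ml>
Reply-To: recover@mail-recovery-center.xyz
To: victim@example.com
Subject: Your account will be disabled
Content-Type: text/html

<p>Dear Customer, log in at
<a href="http://facebook.com.verify-login.net/">https://www.facebook.com/</a>
within 24 hours to keep your account.</p>
<p>Questions? <a href="https://www.facebook.com/help">Help Center</a></p>
"""

# Brands and the registered domains they legitimately send mail from.
# Example table only; a real deployment would keep a much longer list.
BRAND_DOMAINS = {
    "facebook": {"facebook.com", "facebookmail.com"},
    "amazon": {"amazon.in", "amazon.com"},
}

# Link text that looks like an address (optionally with scheme and path).
HOST_LIKE = re.compile(r"(?:https?://)?([A-Za-z0-9.-]+\.[A-Za-z]{2,})(?:/.*)?")


def registered_domain(host):
    """Last two labels of a hostname. Assumes a simple TLD; multi-part
    suffixes such as co.uk would need a public-suffix list."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs from an HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, " ".join("".join(self._text).split())))
            self._href = None


def analyse(raw):
    """Return a list of human-readable findings for a raw RFC 5322 message."""
    msg = email.message_from_string(raw, policy=policy.default)
    findings = []

    from_name, from_addr = parseaddr(msg["From"] or "")
    from_dom = registered_domain(from_addr.rpartition("@")[2])
    for brand, domains in BRAND_DOMAINS.items():
        if brand in from_name.lower() and from_dom not in domains:
            findings.append(f"display name claims '{brand}' but sender domain is {from_dom}")

    if msg["Reply-To"]:
        reply_dom = registered_domain(parseaddr(msg["Reply-To"])[1].rpartition("@")[2])
        if reply_dom != from_dom:
            findings.append(f"Reply-To domain {reply_dom} differs from sender domain {from_dom}")

    body = msg.get_body(preferencelist=("html", "plain"))
    text = body.get_content() if body else ""
    if "dear customer" in text.lower():
        findings.append("generic greeting 'Dear Customer'")

    collector = LinkCollector()
    collector.feed(text)
    for href, shown in collector.links:
        href_dom = registered_domain(urlparse(href).hostname or "")
        match = HOST_LIKE.fullmatch(shown)
        if match and registered_domain(match.group(1)) != href_dom:
            findings.append(f"link text shows {match.group(1)} but points to {href_dom}")
    return findings


if __name__ == "__main__":
    for finding in analyse(SAMPLE):
        print("-", finding)
```

Run against the sample, the script reports four findings; a mail from security@facebookmail.com with a personal greeting and no deceptive links produces none. The check is deliberately simple: it does not verify SPF or DKIM, and a sender domain that is merely unknown to the table is not flagged, so treat it as a first filter rather than a verdict.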

SOCIAL ENGINEERING

Here the attacker first builds a picture of the victim. They communicate by e-mail, SMS, phone or any other channel, sounding completely genuine, and quietly learn about the victim's environment, habits and favourite activities. Then they craft a lure tailored to those interests, which is far more convincing than a generic one.

For example, if the attacker notices that the victim loves cars, they build a page offering the latest model, or the victim's favourite car, at a steep discount, or announcing that the victim has won that car in a lottery. The victim's own interest becomes the hook.

WHALING ATTACK

Whaling targets only high-profile people such as a company's CEO or CFO. The attacker researches the target, writes and speaks like a seasoned professional and knows the relevant details, so the target finds it very hard to suspect anything. Because a single success can authorise a large payment or expose confidential company data, attackers invest far more effort per target than in mass phishing.

For example, suppose the victim is the CEO of a large company. The attacker contacts them posing as a professional from an official source, say Microsoft support, and says that the company's Windows licence has expired or run into a problem, and that they will fix it free of charge. The conversation is polite, fluent and full of plausible detail, and step by step the target walks into the trap.

PHARMING ATTACK

In pharming the attacker does not need the victim to click a bad link at all. Malware is delivered to the victim's device, for instance as a fake installer that shows an error such as "installation failed" while actually continuing to run silently in the background. The victim deletes the setup file, assumes nothing was installed and never checks the running processes. Meanwhile the malware has changed how the device resolves domain names, typically by editing the hosts file or the DNS settings. From then on, typing a legitimate address sends the browser to the attacker's server while the address bar still shows the real domain. Pharming can also be done without malware by poisoning a DNS server or a home router. A certificate warning, or a missing padlock on a site that normally has one, is one of the few visible signs, because the attacker cannot obtain a valid certificate for the real domain.

For example, after the malware is installed, the victim types www.facebook.com into the browser themselves. Everything looks normal, but the page that loads is the attacker's phishing page, and the URL www.facebook.com stays exactly as typed. Sounds frightening, and that is how this attack works.
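One concrete check for the hosts-file variant of pharming: look for well-known domains pinned to an address you did not put there. The Python script below is an added example, not part of the original article. It parses constructed hosts-file contents (not taken from any real machine) and reports two things: entries for a watch list of domains you sign in to, and every other non-loopback entry, which a clean machine rarely has. The WATCH list and the sample file are assumptions for the example.

```python
"""Review a hosts file for the kind of entry pharming malware adds: a
well-known domain pinned to an address the attacker controls."""
import ipaddress

# Constructed hosts-file contents, not taken from any real machine. The two
# 203.0.113.9 lines imitate what a pharming infection leaves behind.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2009 Microsoft Corp.
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
127.0.0.1       localhost
::1             localhost
192.168.1.20    nas.home          # added by the owner
203.0.113.9     www.facebook.com facebook.com
203.0.113.9     www.amazon.in
"""

# Domains you sign in to. Any hosts entry for them overrides DNS and
# deserves an explanation. Example list; extend it for your own use.
WATCH = {"facebook.com", "amazon.in", "amazon.com"}

# Names that legitimately appear in a stock hosts file.
LOCAL_NAMES = {"localhost", "localhost.localdomain", "broadcasthost",
               "ip6-localhost", "ip6-loopback"}


def parse_hosts(text):
    """Yield (line number, ip address, hostname) for every mapping in a hosts file."""
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        addr, *names = line.split()
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            continue                            # malformed; the resolver ignores it too
        for name in names:
            yield lineno, ip, name.lower().rstrip(".")


def review_hosts(text, watch=WATCH):
    """Return (alerts, review). alerts: entries for watched domains or their
    subdomains. review: every other entry that is not a loopback/unspecified
    address or a stock local name, so the owner can confirm each one."""
    alerts, review = [], []
    for lineno, ip, name in parse_hosts(text):
        entry = {"line": lineno, "name": name, "address": str(ip)}
        if any(name == d or name.endswith("." + d) for d in watch):
            alerts.append(entry)
        elif not (ip.is_loopback or ip.is_unspecified or name in LOCAL_NAMES):
            review.append(entry)
    return alerts, review


if __name__ == "__main__":
    alerts, review = review_hosts(SAMPLE_HOSTS)
    for e in alerts:
        print(f"ALERT  line {e['line']}: {e['name']} -> {e['address']}")
    for e in review:
        print(f"REVIEW line {e['line']}: {e['name']} -> {e['address']}")
```

On Windows the file lives at C:\Windows\System32\drivers\etc\hosts, on Linux and macOS at /etc/hosts; read it and pass the contents to review_hosts. Entries mapping names to 0.0.0.0 are skipped on purpose, since ad-blocking hosts lists use them. Pharming done at a DNS server or router will not show up here; for that, compare the address your machine resolves with the one a trusted resolver returns.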

ANGLER PHISHING

Angler phishing is a newer type that targets social-media users. The attacker poses as the platform's official support account, or as a brand's customer-service account, often replying to public complaints, and asks for personal details or login information to "resolve" the problem.

For example, you open Facebook and find a message from what looks like a Facebook support agent saying that you have violated the platform's policy and your account is about to be banned. Frightened, you reply. They ask for your personal details, or a login code, so that the account is "not banned". The moment you provide them, you have been angler-phished. A real platform never asks for your password or verification codes in a chat.

SMISHING

Smishing means SMS phishing: the text message carries a link to a phishing page, or asks you to reply with details, and accounts are hijacked through it. Links in texts are harder to inspect than in e-mail, because a phone hides the full address until you tap it.

For example, the attacker sends an SMS containing a phishing link. Once the victim taps it and logs in, that is all; the victim's credentials are captured by the attacker.

VISHING

Vishing means voice phishing. The attacker calls the victim and says, for instance, that they have won a prize or that their debit card has been blocked, and asks for the card details and other credentials "to confirm your identity" before it can be unblocked. They speak like a real bank employee, and the victim falls for it.

For example, the victim receives a call from an unknown number, picks up and asks who is calling. The caller simply says that they are a bank agent calling to help, chats convincingly and captures the credentials. A genuine bank will never ask for your full card number, PIN or OTP over the phone.

PAGE HIJACKING

Here the attacker compromises the genuine website's server and alters its HTML or scripts so that visitors are silently redirected to the attacker's own page. Because you started at the real address, you trust whatever loads next.

For example, suppose attackers break into a legitimate site (take Facebook.com as the illustration) and change its code to redirect visitors to a page of their own. You visit the real address from your device and feel sure you are on the official page, but it has already been redirected to the attacker's copy. Type your credentials there and your account is compromised. In practice, large sites are rarely hijacked this way; small business sites running outdated software are the usual victims.

CALENDAR PHISHING

The attacker sends a calendar invitation for some event and embeds the phishing link in it. When you accept the event, you land on the phishing page and your credentials are compromised.

For example, calendar apps let anyone send event invitations, so the attacker poses as a friend and invites you to an event. The event sounds interesting, you accept the invitation and are taken to a fake page that you believe is the event page, where you "log in" with a social-media account. In reality, your credentials are sent to the attacker.

TAB NABBING

Tabnabbing is a browser-side trick that has been known since about 2010, and it does not require the attacker to be on your Wi-Fi. A web page you have left open in a background tab uses JavaScript to notice that you have moved away, then rewrites its own content, title and favicon to look like the login page of a familiar service such as Gmail. When you come back to the tab, you assume you were logged out and type your password straight into the attacker's page. A related variant, reverse tabnabbing, abuses a link opened with target="_blank": the newly opened page can use window.opener to navigate the original tab to a phishing page. Modern browsers now treat such links as noopener by default, but older browsers and links without rel="noopener" remain exposed.

For example, you open an article in a new tab, switch to your e-mail and come back ten minutes later. The article tab now shows what looks like the Gmail login screen with a "session expired" note. The address bar still shows the article site's URL, which is the giveaway, but most people do not look at it before typing.

HOW TO PREVENT PHISHING?

• Check the address before you type anything. What matters is the registered domain: the last two parts of the hostname (for example amazon.in or facebook.com). Everything to the left of it, and everything after the first slash, is chosen by whoever owns that domain, so a lookalike can be built around a real brand name. Some examples:

https:// - encrypted, but that only proves the connection is private, not that the site is genuine; most phishing pages use https too
http:// - never enter credentials here; anything you type travels in the clear

amazon.in - genuine
amaz-on.in - fake (the hyphen makes it a different domain)

facebook.com - genuine
facebook.ml - fake (a different top-level domain is a different site)
facebook.com.verify-login.net - fake (the registered domain here is verify-login.net; "facebook.com" is just a subdomain the attacker chose)

• Do not blindly click links received by mail.
• Do not blindly click links in messages.
• Do not click shortened URLs without checking; use a short-URL revealer to see the real destination first.
• Do not download attachments from unknown senders.
• Learn what a phishing page typically looks like.
• Use antivirus software and anti-phishing add-ons in your browser.
• Do not give your real details to sites you do not trust.
• Use temporary e-mail addresses on unknown sites.
• Use a strong, unique password for every site, and change it immediately if you suspect it has leaked.
• Install all available app and system updates.
• Do not be tempted by ad pop-ups.
• Do not fall for "you won a jackpot" or "your bank account is blocked" messages.
• Check for spelling and grammar errors in the e-mail.
• A generic greeting such as "Dear Customer" is a warning sign; a greeting with your name ("Dear FirstName") is better, but not proof, since names are easy to find.
• Do not open spam e-mails; delete them immediately.
• Do not think "why would anyone phish me?"; mass campaigns target everyone.
• If you receive a bank alert, contact the bank through the number on your card or its official website, never through the alert itself.
• Think before you click "unsubscribe"; that link can lead to a phishing page too.
• Use a password manager; it fills credentials only on the exact domain they were saved for, so it will refuse to fill them on a lookalike site.
• Train your employees to recognise phishing.
• Run simulated phishing tests on employees.
• Be sceptical of every message, even one that looks genuine.
• Enable two-step verification.
• Always link your mobile number to your accounts for recovery and verification codes.
• Keep the identity documents registered with your mobile carrier/ISP up to date, so you can recover your number if the SIM is lost or swapped.
• Never run unknown executable files.
• Avoid cracked apps; they are a common malware carrier.
• Even when a friend or family member sends a link, check it before clicking; they may not know it is malicious.
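The URL check in the first bullet can be turned into a small program. The following Python script is an added example, not code from the original article; the EXPECTED set of registered domains and the sample URLs it classifies are assumptions for the example. It extracts the hostname, reduces it to the registered domain (last two labels, which is a simplification that does not handle suffixes such as co.uk), and reports the tricks the bullet list describes: plain http, a bare IP address, a brand hidden in a subdomain, a wrong top-level domain, a one-character lookalike (including a hyphen inserted into the name) and punycode hostnames that a browser would display as Unicode lookalikes.

```python
"""Classify a URL by its registered domain, the part of the address an
attacker cannot fake, and flag the common lookalike tricks."""
import ipaddress
from urllib.parse import urlparse

# Registered domains you actually sign in to. Example list; extend it with
# the sites you use.
EXPECTED = {"amazon.in", "amazon.com", "facebook.com"}


def registered_domain(host):
    """Last two labels of a hostname. Assumes a simple TLD; multi-part
    suffixes such as co.uk would need a public-suffix list."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def edit_distance(a, b):
    """Levenshtein distance, used to catch one-character lookalikes."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def check_url(url, expected=EXPECTED):
    """Return {'verdict': 'genuine'|'suspicious'|'unknown', 'reasons': [...]}."""
    reasons = []
    parsed = urlparse(url if "://" in url else "//" + url)
    host = (parsed.hostname or "").rstrip(".")
    if not host:
        return {"verdict": "unknown", "reasons": ["no hostname in the address"]}
    if parsed.scheme != "https":
        reasons.append("not https: anything typed here travels in the clear")
    try:
        ipaddress.ip_address(host)
        reasons.append("bare IP address instead of a domain name")
        return {"verdict": "suspicious", "reasons": reasons}
    except ValueError:
        pass

    shown = host
    if "xn--" in host:  # punycode: the browser renders it as Unicode
        try:
            shown = host.encode("ascii").decode("idna")
        except UnicodeError:
            pass
        reasons.append(f"punycode hostname, displayed as {shown}")

    reg = registered_domain(shown)
    if reg in expected:
        if reasons:
            return {"verdict": "suspicious", "reasons": reasons}
        return {"verdict": "genuine", "reasons": [f"registered domain {reg} is on the list"]}

    subdomain_labels = shown.split(".")[:-2]
    sld = reg.split(".")[0]
    for e in sorted(expected):
        brand = e.split(".")[0]
        if any(brand in label for label in subdomain_labels):
            reasons.append(f"'{brand}' appears only left of the real domain {reg}")
            break
        if sld == brand:
            reasons.append(f"'{brand}' with a different top-level domain ({reg} instead of {e})")
            break
        if edit_distance(sld.replace("-", ""), brand) <= 1:
            reasons.append(f"{reg} is a lookalike of {e}")
            break
    if reasons:
        return {"verdict": "suspicious", "reasons": reasons}
    return {"verdict": "unknown", "reasons": [f"{reg} is not on the list; verify it before signing in"]}


if __name__ == "__main__":
    # Sample addresses constructed for the example; 203.0.113.5 is a
    # documentation address and the last one uses a Cyrillic 'a'.
    samples = [
        "https://www.amazon.in/gp/cart",
        "http://amaz-on.in/login",
        "https://facebook.ml/login",
        "https://facebook.com.verify-login.net/",
        "http://203.0.113.5/login",
        "https://" + "f\u0430cebook.com".encode("idna").decode("ascii") + "/",
    ]
    for url in samples:
        result = check_url(url)
        print(f"{result['verdict']:10} {url}")
        for reason in result["reasons"]:
            print("    -", reason)
```

Only an https address whose registered domain is on your list comes back as genuine; everything else is either suspicious with a stated reason or unknown. The edit-distance threshold of one deliberately keeps false positives low; a production filter would add a public-suffix list and a longer list of watched brands.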

HOW TO RECOVER IF YOU HAVE ALREADY BEEN PHISHED?

• First of all, do not panic.
• Change the password on the phished account at once, and on every other account where you used the same password.
• Revoke all connected devices and active sessions.
• Check the account activity log and undo anything you did not do.
• If the attacker changed anything (recovery e-mail, phone number, mail-forwarding rules), revert it.
• Tell the support team that the account was hacked.
• Keep your proof (screenshots, the phishing message, timestamps) ready to provide.
• File a complaint with the police or the cyber-crime cell if you cannot recover the account.
• Scan your computer for viruses and malware, especially if you ran anything that came with the message.
• Tell your friends and family that your account was hacked, so that if the attacker posts anything offensive from it, or messages them asking for money, they understand what is happening.

NOTE

This article has covered phishing in detail. I used Facebook and Amazon as examples because they are popular sites that readers will recognise; they are just examples, and both are perfectly safe to use. I hope what phishing is is now completely clear. If you still have any doubts, feel free to comment below. Thank you.
