What are phishing attacks in Cyber Security?
Phishing is a type of social engineering attack in which cyber criminals trick victims into handing over sensitive information or installing malware.
Most phishing campaigns employ one of two basic methods:
- Malicious links, pointing to websites that are often clones of legitimate ones, which download malware, or whose login pages contain credential-harvesting scripts.
- Malicious email attachments, which usually have enticing names, such as ‘INVOICE’, and install malware on victims’ machines when opened.
Types of malicious websites:
Tabnabbing and reverse tabnabbing:
In these attacks, a browser tab the user has left unattended is rewritten to show a malicious page, typically a copy of a login screen. Reverse tabnabbing does this from a page the user opened in a new tab: if that page holds a window.opener reference back to the original tab, it can navigate that tab to a site of the attacker’s choosing. Unsuspecting users who return to the tab may not notice that the page is no longer the legitimate one.
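The reverse-tabnabbing mechanism above, as an added example that is not code from the original article. The “windows” below are constructed plain objects standing in for real browser Window objects (an assumption so that it runs offline under Node.js); the site names are made up.

```javascript
// Added example, not code from the original article: reverse tabnabbing in miniature.
// Runs under Node.js. The "windows" are constructed plain objects standing in for real
// browser Window objects (an assumption), so nothing here touches a real browser.

// Script the attacker's page runs once the legitimate site has opened it in a new tab.
// A page that received a window.opener reference may assign opener.location even
// cross-origin, so it can swap the original tab for a look-alike login page.
function attackerPayload(attackerWin, phishUrl) {
  if (attackerWin.opener) {
    attackerWin.opener.location = phishUrl;
    return true; // the tab the user left open is now the phishing page
  }
  return false;
}

// Model of how the opener relationship is established. Older browsers gave every
// target="_blank" tab a window.opener unless rel="noopener" (or rel="noreferrer",
// which implies it) was present; current browsers default anchors to noopener, but
// window.open() without the "noopener" feature still hands over the reference.
function openFromAnchor(legitWin, href, { target = "_self", rel = "" } = {}) {
  const tokens = rel.toLowerCase().split(/\s+/).filter(Boolean);
  const noopener = tokens.includes("noopener") || tokens.includes("noreferrer");
  if (target !== "_blank") {
    legitWin.location = href; // same tab, nothing to hijack
    return null;
  }
  return { location: href, opener: noopener ? null : legitWin };
}

// Lint check for templates: true when an anchor opens a new tab without severing the link.
function anchorIsVulnerable({ target = "_self", rel = "" }) {
  if (target !== "_blank") return false;
  const tokens = rel.toLowerCase().split(/\s+/).filter(Boolean);
  return !(tokens.includes("noopener") || tokens.includes("noreferrer"));
}

// Worked scenario: a banking page (constructed) links out to an attacker-controlled page.
function scenario(rel) {
  const legit = { location: "https://bank.example/account" };
  const attacker = openFromAnchor(legit, "https://attacker.example/article", { target: "_blank", rel });
  const hijacked = attackerPayload(attacker, "https://bank-login.example/");
  return { hijacked, legitLocation: legit.location };
}
```

`scenario("")` models the vulnerable link and leaves the bank tab pointing at the phishing URL; `scenario("noopener noreferrer")` leaves it untouched. The same `rel` fix applies to links rendered from user-supplied content (comments, profile pages), which is where this bug usually lives.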
Typosquatting:
Typosquatted domains look genuine, but are subtly different from the ones they impersonate: a missing or doubled letter, two letters swapped, a look-alike character such as ‘1’ for ‘l’, or a different top-level domain. They take advantage of typing mistakes when users enter URLs into their browser address bar, and they serve equally well as link targets in phishing emails.
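The look-alike domains described above, as an added example that is not code from the original article: the first function enumerates the single-edit variants an attacker might register for a brand’s domain, and the second flags URLs whose host imitates a protected domain. The protected-domain list and sample URLs are constructed, and the homoglyph and TLD tables are assumptions rather than a complete catalogue.

```javascript
// Added example, not code from the original article: the typo variants an attacker might
// register for a brand's domain, and a check that flags look-alike hosts in URLs. The
// protected-domain list and the URLs are constructed; the TLD list is an assumption.

const HOMOGLYPHS = { o: "0", l: "1", i: "1", e: "3", s: "5", m: "rn", w: "vv" };
const ALT_TLDS = ["co", "cm", "com", "net", "org"];

// Enumerate single-edit typos of the registrable label plus top-level-domain swaps.
function typoVariants(domain) {
  const [label, ...rest] = domain.toLowerCase().split(".");
  const tld = rest.join(".");
  const labels = new Set();
  for (let i = 0; i < label.length; i++) {
    labels.add(label.slice(0, i) + label.slice(i + 1));                       // omission: papal
    labels.add(label.slice(0, i + 1) + label[i] + label.slice(i + 1));         // doubling: payypal
    if (i + 1 < label.length) {                                                 // transposition: pyapal
      labels.add(label.slice(0, i) + label[i + 1] + label[i] + label.slice(i + 2));
    }
    if (HOMOGLYPHS[label[i]]) {                                                 // homoglyph: paypa1
      labels.add(label.slice(0, i) + HOMOGLYPHS[label[i]] + label.slice(i + 1));
    }
  }
  labels.delete(label);
  const variants = new Set([...labels].map((l) => `${l}.${tld}`));
  for (const alt of ALT_TLDS) if (alt !== tld) variants.add(`${label}.${alt}`); // TLD swap: paypal.co
  return [...variants];
}

// Standard edit distance, used to catch spellings the generator above did not enumerate.
function levenshtein(a, b) {
  const row = Array.from({ length: b.length + 1 }, (_, j) => j);
  for (let i = 1; i <= a.length; i++) {
    let diag = row[0];
    row[0] = i;
    for (let j = 1; j <= b.length; j++) {
      const above = row[j];
      row[j] = Math.min(above + 1, row[j - 1] + 1, diag + (a[i - 1] === b[j - 1] ? 0 : 1));
      diag = above;
    }
  }
  return row[b.length];
}

// Last two labels of a host. Assumption: no public-suffix list, so names such as
// "example.co.uk" would need one in real use.
function registrableDomain(host) {
  return host.toLowerCase().split(".").slice(-2).join(".");
}

// Returns the protected domain a URL's host imitates, or null if it is genuine or unrelated.
function lookalikeOf(url, protectedDomains) {
  const host = new URL(url).hostname;
  const reg = registrableDomain(host);
  if (protectedDomains.includes(reg)) return null;                        // the real site
  for (const p of protectedDomains) {
    const brand = p.split(".")[0];
    if (host.includes(p) || reg.split(".")[0].includes(brand)) return p;  // brand embedded: paypal.com.evil.example
    if (levenshtein(reg, p) <= 2) return p;                               // near miss: paypa1.com, paypal.co
  }
  return null;
}
```

`typoVariants` is the list a defender registers defensively or watches in certificate-transparency logs and new-domain feeds; `lookalikeOf` is the cheap check a mail gateway or proxy can apply to every link. A real deployment needs a public-suffix list and a brand list wider than one domain, but the two rules shown (brand name embedded in the host, edit distance of two or less on the registrable domain) catch most of what the generator produces.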
Pharming/DNS cache poisoning:
Pharming attacks redirect a website’s traffic to a malicious site that impersonates it by tampering with the system that matches domain names (the host part of the URL you type into your browser address bar) with IP addresses (the numeric addresses assigned to devices on a network). Poisoning a resolver’s DNS cache with a forged answer sends every user of that resolver to the attacker’s server, with no spoofed link required.
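The cache-poisoning mechanism above, as an added example that is not code from the original article: a toy stub resolver that accepts a forged answer when its transaction IDs and source port are predictable, or when it caches records from outside the zone it asked about, beside the two checks that stop each attack. All DNS messages are constructed in-process (no packets are sent), and the resolver is a deliberately minimal model rather than any real implementation.

```javascript
// Added example, not code from the original article: a toy stub resolver whose cache is
// poisoned by forged DNS answers, alongside the checks that defeat the forgery.
// All messages are constructed in-process; nothing is sent on the network.

// Last two labels of a name. Assumption: no public-suffix list.
function registrable(name) { return name.split(".").slice(-2).join("."); }

function makeResolver({ randomize = false, bailiwick = false } = {}) {
  let seq = 1;                 // predictable transaction IDs when randomize is off
  const pending = new Map();   // "id:port" -> name we asked about
  const cache = new Map();     // name -> ip
  return {
    cache,
    // Send a query; the returned fields are exactly what a forger must guess to be believed.
    query(name) {
      const id = randomize ? Math.floor(Math.random() * 65536) : seq++;
      const port = randomize ? 1024 + Math.floor(Math.random() * 64512) : 53000;
      pending.set(`${id}:${port}`, name);
      return { id, port, name };
    },
    // Accept a reply only if it matches an outstanding query (ID, port and question).
    receive(reply) {
      const key = `${reply.id}:${reply.port}`;
      if (pending.get(key) !== reply.name) return false; // no such query: drop silently
      pending.delete(key);                               // first matching reply wins
      for (const rr of reply.records) {
        // Bailiwick check: a reply to a question about attacker.example may not
        // install records for bank.example.
        if (bailiwick && registrable(rr.name) !== registrable(reply.name)) continue;
        cache.set(rr.name, rr.ip);
      }
      return true;
    },
  };
}

// Attack 1: forge the answer to the victim's own lookup. The attacker triggered and
// observed one earlier query (to a domain they control) and, against a naive resolver,
// simply predicts the next ID and reuses the fixed port. The genuine answer arrives later.
function blindSpoofAttack(resolver) {
  const seen = resolver.query("www.attacker.example");
  resolver.receive({ ...seen, records: [{ name: seen.name, ip: "203.0.113.7" }] });
  const victim = resolver.query("www.bank.example");
  const forged = { id: seen.id + 1, port: seen.port, name: "www.bank.example",
                   records: [{ name: "www.bank.example", ip: "203.0.113.66" }] };
  resolver.receive(forged);
  resolver.receive({ ...victim, records: [{ name: "www.bank.example", ip: "198.51.100.10" }] });
  return resolver.cache.get("www.bank.example");
}

// Attack 2: answer a query the attacker legitimately receives (for their own domain) and
// smuggle in an unrelated record. ID and port randomisation do nothing here; only the
// bailiwick check does.
function bailiwickAttack(resolver) {
  const q = resolver.query("www.attacker.example");
  resolver.receive({ ...q, records: [
    { name: "www.attacker.example", ip: "203.0.113.7" },
    { name: "www.bank.example", ip: "203.0.113.66" },   // the poison
  ] });
  return resolver.cache.get("www.bank.example");        // undefined once bailiwick is on
}
```

With `makeResolver()` both attacks land; `makeResolver({ randomize: true })` defeats the blind forgery (the attacker now has about a 1 in 4 billion chance per packet instead of certainty), and `{ bailiwick: true }` defeats the smuggled record. Randomisation only raises the cost of guessing; the fix that removes forgery altogether is DNSSEC validation on the resolver, which this toy omits.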
Clickjacking/UI (user interface) redressing/iframe overlay:
Attackers load the legitimate page into a transparent iframe layered over (or under) decoy content, so a click aimed at a visible button lands on a hidden control. For example, an online shopper might think they are clicking a button to make a purchase, but will instead download malware or approve an action on a site where they are already logged in.
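Whether the overlay trick above is possible against a given page comes down to its anti-framing response headers. The following is an added example, not code from the original article: a checker that applies `X-Frame-Options` and CSP `frame-ancestors` the way browsers do, in simplified form (the source-matching rules are an approximation of the CSP spec, noted inline), against constructed header sets and origins.

```javascript
// Added example, not code from the original article: decide whether a response's headers
// allow the page to be embedded in an iframe by a given top-level origin, i.e. whether a
// clickjacking overlay is possible. Header handling is a simplified model of browser rules.

// Match one CSP source expression against an ancestor origin. Simplification: a host
// source without a scheme is taken to mean the ancestor's own scheme.
function originMatchesSource(source, origin, selfOrigin) {
  const s = source.toLowerCase().replace(/^'|'$/g, "");
  if (s === "none") return false;
  if (s === "self") return origin === selfOrigin;
  if (s === "*") return true;
  const o = new URL(origin);
  if (s === "https:" || s === "http:") return o.protocol === s;            // scheme-source
  const [scheme, hostPort] = s.includes("://") ? s.split("://") : [o.protocol.slice(0, -1), s];
  if (scheme !== o.protocol.slice(0, -1)) return false;
  const [host, port] = hostPort.split(":");
  const originPort = o.port || (o.protocol === "https:" ? "443" : "80");
  if (port && port !== "*" && port !== originPort) return false;
  if (host.startsWith("*.")) return o.hostname.endsWith(host.slice(1));   // *.partner.example
  return o.hostname === host;
}

// headers: { name: value } as received; pageOrigin: the framed page; topOrigin: the
// page that would contain the iframe.
function framingPermitted(headers, { pageOrigin, topOrigin }) {
  const h = Object.fromEntries(Object.entries(headers).map(([k, v]) => [k.toLowerCase(), v]));
  const csp = h["content-security-policy"] || "";
  const fa = csp.split(";").map((d) => d.trim()).find((d) => /^frame-ancestors(\s|$)/i.test(d));
  if (fa) {
    // frame-ancestors is authoritative: browsers that support it ignore X-Frame-Options.
    const sources = fa.split(/\s+/).slice(1);
    if (sources.length === 0) return false;                   // empty source list == 'none'
    return sources.some((src) => originMatchesSource(src, topOrigin, pageOrigin));
  }
  const xfo = (h["x-frame-options"] || "").trim().toUpperCase();
  if (xfo === "DENY") return false;
  if (xfo === "SAMEORIGIN") return topOrigin === pageOrigin;
  // Missing header, the obsolete ALLOW-FROM form, or a typo: browsers ignore it, so the
  // page stays frameable.
  return true;
}
```

Run it over the headers of any page that performs an authenticated action; if it returns `true` for an origin you do not control, the page is a clickjacking candidate. Ship both headers (`Content-Security-Policy: frame-ancestors 'none'` or `'self'`, plus `X-Frame-Options: DENY` or `SAMEORIGIN` for older clients); JavaScript frame-busting alone is bypassable and is not modelled here.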
Targeted phishing attacks:
Clone phishing:
A copy of a legitimate email that has previously been delivered, but sent from a spoofed address that closely resembles the original sender’s. The only difference between it and the original email is that links and/or attachments have been replaced with malicious ones. Recipients are more likely to fall for this sort of attack because they recognise the contents of the email.
Whaling:
A type of spear phishing that targets high-profile individuals, such as board members or members of the finance team. These attacks require additional effort on the part of the attacker, but the rewards are potentially greater: senior staff have more information and greater levels of access than junior employees. Moreover, a senior staff member’s compromised account can be used to carry out BEC attacks.
BEC (business email compromise):
These emails often take the form of ‘urgent’ requests purporting to be from senior staff, such as the CEO or CFO. They use social engineering tactics to fool more junior staff members into wiring money to an attacker-controlled account or disclosing confidential business information.
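The sender-side tells of the clone-phishing and BEC messages described above are checkable at the mail gateway. The following is an added example, not code from the original article: a small triage routine that flags an executive’s display name on an outside address, a look-alike sender domain, a diverted Reply-To, a failed DMARC result and the urgent-payment script, run over constructed messages. The organisation settings, executive list, sample headers and keyword lists are all made up for the illustration; the address parser is deliberately simplified.

```javascript
// Added example, not code from the original article: triage rules for the clone-phishing
// and BEC patterns in the text, run over constructed messages. ORG, the executive list,
// the keyword lists and the samples are assumptions for the illustration.

const ORG = {
  domain: "acme.example",
  executives: ["Jane Doe", "Raj Patel"],   // display names worth protecting
};

// Pulls "Name <addr@dom>" or a bare "addr@dom" apart. Simplified: RFC 5322 allows more.
function parseAddress(field) {
  const m = /^\s*(?:"?([^"<]*?)"?\s*)?<([^>]+)>\s*$/.exec(field) || [null, "", field.trim()];
  const address = m[2].toLowerCase();
  return { name: (m[1] || "").trim(), address, domain: address.split("@")[1] || "" };
}

const MONEY_WORDS = /\b(wire|transfer|payment|invoice|gift cards?|bank details|iban|account number)\b/i;
const URGENCY_WORDS = /\b(urgent|immediately|asap|right away|before (?:end of day|eod|close))\b/i;

// msg: { from, replyTo, authResults, subject, body } as extracted from the headers and body.
function triage(msg) {
  const from = parseAddress(msg.from);
  const replyTo = msg.replyTo ? parseAddress(msg.replyTo) : null;
  const findings = [];

  // 1. Executive display name on an address outside the organisation (the BEC staple).
  //    An exact spoof of the real address is left to rule 4 instead.
  const imitatesExec = ORG.executives.some((e) => from.name.toLowerCase() === e.toLowerCase());
  if (imitatesExec && from.domain !== ORG.domain) findings.push("exec-name-external-address");

  // 2. Look-alike sender domain: carries the organisation's name but is not its domain.
  const orgLabel = ORG.domain.split(".")[0];
  if (from.domain !== ORG.domain && from.domain.includes(orgLabel)) findings.push("lookalike-domain");

  // 3. Replies silently diverted to a different domain from the visible sender.
  if (replyTo && replyTo.domain !== from.domain) findings.push("reply-to-mismatch");

  // 4. DMARC verdict from the Authentication-Results header the receiving MTA added.
  const dmarc = /dmarc=(\w+)/i.exec(msg.authResults || "");
  if (dmarc && dmarc[1].toLowerCase() !== "pass") findings.push("dmarc-" + dmarc[1].toLowerCase());

  // 5. The script itself: urgency plus money movement in one message.
  const text = `${msg.subject}\n${msg.body}`;
  if (MONEY_WORDS.test(text) && URGENCY_WORDS.test(text)) findings.push("urgent-payment-request");

  return findings;
}

// Constructed sample: the "CEO" asking for an urgent wire from a webmail address.
const SAMPLE_BEC = {
  from: "Jane Doe <jane.doe.ceo@gmail.example>",
  replyTo: "jane.doe.ceo@gmail.example",
  authResults: "mx.acme.example; spf=pass smtp.mailfrom=gmail.example; dkim=pass; dmarc=pass",
  subject: "Urgent - wire transfer needed today",
  body: "I am in a meeting and cannot talk. Please process the attached invoice payment immediately.",
};

// Constructed sample: a cloned internal email re-sent with the real address spoofed and
// replies steered to a domain the attacker controls.
const SAMPLE_SPOOF = {
  from: "Raj Patel <raj.patel@acme.example>",
  replyTo: "raj.patel@acme-finance.example",
  authResults: "mx.acme.example; spf=fail smtp.mailfrom=acme.example; dkim=none; dmarc=fail header.from=acme.example",
  subject: "Updated bank details for supplier payment",
  body: "Please change the IBAN on file before end of day and confirm by reply.",
};

// Constructed sample: ordinary internal mail.
const SAMPLE_OK = {
  from: "Sam Lee <sam.lee@acme.example>",
  authResults: "mx.acme.example; spf=pass; dkim=pass; dmarc=pass",
  subject: "Lunch on Friday?",
  body: "Are you free for lunch on Friday? The new place on the high street.",
};
```

None of these rules is proof on its own; the value is in combination, and in routing anything that trips rule 1, 3 or 4 together with rule 5 to a human before it reaches the finance team. Rule 4 depends on the receiving mail server actually evaluating DMARC and writing an Authentication-Results header, which is worth confirming before relying on it.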
Phishing remains one of the most effective avenues of attack for cyber criminals. Having doubled in 2020, phishing attacks steadily increased throughout 2021, with remote work making it harder for businesses to ensure their users aren’t falling victim.
Employees need regular training on how to spot phishing attacks that use modern techniques, and on how to report a suspected phishing attempt as soon as they believe they have been targeted.
Find out more about how to prevent Cyber Security threats and begin your career in IT with our job ready Cyber Security Practical Experience Programme from IT Certify.