What is Phising Attack and its common types?

The term ‘Phishing’ might not be very common with most people, while some of us might know about it, and a lot of us might have no idea regarding it. So, today let us discuss in brief this entity.

In simple words, Phishing means an illegal attempt or desire to steal someone’s secret credentials and database, like – usernames, passwords, credit or debit card pins, passwords, and so on. Now, you might be thinking why one will give all his/her information and how is this entire process carried out?

Well, let me explain this to you. The person or a group of persons who carry out these criminal activities represent themselves as the legal representative. Not only this, the entire process is carried out in an unplanned manner, and good use of technology makes everything appear real instead of fake in front of you. It is mostly carried out by email or related modes, and when you go through that professionally written fake email and then click on the blink, you get redirected to a fake website, but even if you happen to be a programmer or a technical geek, then also it will be very difficult for you to recognize it in the normal glance.

Such is the beauty of technology, a little programming, and your fake stuff is ready. Now, as we have got a clear glimpse of this technology, let us now try to understand its various types.

Email Phishing

As we discussed earlier, this is one of the most common types of Phishing attacks, and it is generally targeted at banks and financial services. According to some of the sources on the internet, attackers have impersonated themselves as legal representatives from banks and asked for various secret credentials from customers, like – passwords, credit, and debit card pins, etc, and then looted a lot of money from their accounts.

 

Spear Phishing

This is one step ahead of Email phishing as in this very case, the fraudsters first gather some of the crucial information of the people they want to attack by hook or crook and then target them. Not only this, in most of the cases, the victims here happen to be people employed in the financial departments of their respective organizations or banks. These people contain the key to the wealth of their respective entities, so it becomes easier for attackers to manipulate them and then steal a lot of money, data, secret stuff, and so on.

 

Clone Phishing

In this type of Phishing, the attacker forwards a similar copy of some official email from the same email address of the legal entity, but it carries a malicious link attached to it, and when the user fills in his/her database and credentials, he/she just gets caught in this dirty trap.

 

Voice Phishing

As the name suggests, in this type of phishing, an attacker dials a large number of telephone calls plays pre-recorded voice messages impersonating oneself as a legal representative of a bank or a particular organization. In this very process, they manipulate the people and ask for their password, debit and credit card pins, etc. and a lot of people end up falling victim to their heinous activities.

 

SMS Phishing

This is also quite similar to its counterparts, the only difference being the medium of SMS being used here. These fake SMSes look like the ones from authorized legal entities and then they redirect you to a website or you just happen to dial a number displayed in it and after that, all your secret data ranging from your passwords, pins, etc are slowly and steadily stolen from you.

 

How to save yourself from common phishing attacks?

As of now, we have got a brief understanding of this technology and now you might be thinking of ways to prevent it. Isn’t it?

Well, yes probably, so let me share some of the methods which will aid you in this very task. First of all, you need to be very patient and relaxed while you come across these types of mails, SMS, telephonic stuff, and so on.

In this very way itself, you will be able to find out whether the person is fake or real, secondly, no legal representative asks for secret credentials over emails, telephones, etc, so in this very moment, you should alert yourself and then try not to fall, victim.

If any activity, thing, tone of the email, SMS, person on the call, etc appears to be suspicious, then you should never share any of your small or big details with it, rather you should immediately take legal action against it.

Furthermore, there are many videos available on YouTube, which can guide you with the steps to be taken in these types of situations, spam filters present in emails, safe browsing features, etc all can aid you. Thus, like hackers, we all have to be a little shrewd while dealing with day-to-day technologies containing our personal information.