
7 basic rules of protection against phishing.

Termux

Phishing is a type of online fraud based on the principles of social engineering. The main purpose of phishing is to gain access to critical data (for example, passport data), accounts, bank details and private work-related information in order to use them later to steal money. Phishing works by redirecting users to fake network resources that are complete imitations of the real ones.

1. Classic phishing: spoofing

Most phishing attacks fall into this category. Attackers send emails on behalf of an existing company in order to gain control of users' credentials and their personal or work accounts. You can receive a phishing email on behalf of a payment system or bank, a delivery service, an online store, a social network, the tax authority, etc.

Phishing emails are created with great care. They are practically indistinguishable from the emails the user regularly receives in mailings from that company. The only thing that may raise suspicion is the request to click a link to perform some action. That link, however, leads to the fraudsters' site, which is a "twin" of the page of the bank's website, social network or other legitimate resource.

The motive for clicking the link in such emails can be either a "carrot" ("you can get a 70% discount on services if you register within a day") or a "stick" ("Your account is blocked due to suspicious activity. To confirm that you are the account owner, click the link").

Here is a list of the most popular tricks scammers use:

Your account has been or will be blocked/disabled.

  • Intimidation tactics can be very effective. The threat that the account has been or will soon be blocked unless the user logs in immediately makes the user lose vigilance at once, click the link in the email and enter their username and password.

Suspicious or fraudulent activity has been detected in your account. Security settings need to be updated.

  • In this email, the user is asked to log in to the account immediately and update their security settings. The same principle applies as in the previous item: the user panics and forgets about vigilance.

You have an important message. Go to your personal account to review it.

  • Most often such emails are sent on behalf of financial institutions. Users tend to believe such emails, since financial institutions do not send confidential information by email.

Tax-themed phishing emails.

  • Such emails become popular as soon as tax time approaches. The subjects vary widely: a notification of debt, a request to send a missing document, a notification of the right to a tax refund, etc.

2. Targeted phishing attack

Phishing is not always a random attack; attacks are often personalized and targeted. The goal is the same: to force the user to go to a phishing site and leave their credentials.

Naturally, an email that addresses the future victim by name and mentions their place of work, position in the company or other individual data inspires more confidence. People often provide the information for targeted phishing attacks themselves. Resources such as the well-known LinkedIn are especially "fruitful" for criminals: when creating a resume aimed at potential employers, everyone tries to include as much information about themselves as possible.

In order to prevent such situations, organizations should constantly remind employees that it is undesirable to post personal and work-related information publicly.

3. Phishing against top management

Management credentials are of particular interest to fraudsters.

As a rule, security specialists in any company implement a clear system of access permissions and levels of responsibility that depend on the employee's position. Thus, a sales manager has access to the product database, while the list of company employees is off limits to him. An HR specialist, in turn, knows exactly which vacancies are filled and by whom, which have just opened up and who deserves promotion, but has no idea about the numbers and balances of the company's bank accounts. A senior manager, by contrast, usually holds access to all the critical parts of the enterprise or organization.

Having gained access to the account of the head of the company, phishers go further and use it to communicate with other departments of the enterprise, for example to approve fraudulent bank transfers to financial institutions of their choice.

Despite their high level of access, senior managers do not always take part in staff training programs on the basics of information security. That is why a phishing attack directed against them can have particularly severe consequences for the company.

4. Phishing emails from Google and Dropbox

Relatively recently, phishing has taken a new direction: hunting for the logins and passwords used to sign in to cloud data storage.

Users of the Dropbox and Google Drive cloud services, both personal and corporate, store a lot of confidential information there: presentations, spreadsheets and documents (work-related), backups of data from local computers, personal photos and passwords to other services.

Unsurprisingly, gaining access to accounts on these resources is an enticing prospect for attackers. To achieve this goal, they use a standard approach. A phishing website is created that completely imitates the account login page of a particular service. In most cases, a phishing link in an email redirects potential victims to it.

5. Phishing emails with attached files

A link to a suspicious site designed to steal user data is not the worst thing phishing is capable of. After all, in that case criminals gain access only to a certain part of the confidential information: a login and password, i.e. an account in a particular service. It is much worse when a phishing attack leads to the compromise of the victim's entire computer by malicious software: ransomware, spyware or a Trojan.

Such viruses may be contained in email attachments. Assuming that the email came from a trusted source, users willingly download such files and infect their computers, tablets and laptops.

6. What is pharming?

Classic phishing with links to questionable resources is gradually becoming less effective. Experienced users of web services are usually already aware of the danger that a link to a suspicious site can carry and exercise caution when they receive a strange email or notification. Luring a victim into the attackers' nets is becoming increasingly difficult.

As a response to the decrease in the effectiveness of traditional attacks, the attackers invented pharming — a hidden redirect to fraudulent sites.

The essence of pharming is that, at the first stage, a Trojan is planted on the victim's computer in one way or another. It is often not recognized by antivirus software, does not reveal itself and waits for its moment. The malware is activated only when the user independently, without any external prompting, decides to visit a page on the Internet that is of interest to the criminals. Most often these are online banking services, payment systems and other resources that handle money transactions. This is where the substitution takes place: instead of a trusted, frequently visited site, the owner of the infected computer ends up on a phishing site where, suspecting nothing, he enters the data the attackers need. This is done by modifying the DNS cache on the local computer or on network hardware. This type of fraud is especially dangerous because it is difficult to detect.

Phishing protection - basic rules:

  1. Be sure to check the URL you are about to navigate to for minor spelling errors.
  2. Use only secure https connections. The absence of just one letter "s" in the site address should put you on alert.
  3. Be suspicious of any emails with attachments or links. Even if they came from a familiar address, that does not guarantee security: the account could have been hacked.
  4. Having received an unexpected, suspicious message, contact the sender by some alternative channel and ask whether he really sent it.
  5. If you still need to visit the resource, it is better to enter its address manually or use previously saved bookmarks (alas, this will not save you from pharming).
  6. Do not use open Wi-Fi networks to access online banking and other financial services: they are often created by attackers. Even if this is not the case, it is not difficult for hackers to connect to an unprotected connection.
  7. Enable two-factor authentication on all accounts where possible. This measure can save the situation if the master password has become known to hackers.

Summary

It is unlikely that phishing will be completely eliminated in the foreseeable future: human laziness, credulity and greed are to blame.

Every day there are thousands of phishing attacks that can take a variety of forms:

  • Classic phishing. Phishing emails sent on behalf of well-known existing companies that are virtually indistinguishable from the emails users usually receive from these companies. The only difference may be a request to follow a link to perform an action.
  • Targeted phishing attack. Personalized phishing emails aimed at a specific person. Such emails contain the name and position of the potential victim, as well as any other personal data.
  • Phishing against top management. Phishing emails aimed at gaining access to the account of the head of the company, CEO, technical director, etc. After gaining access to such accounts, phishers can continue to use them to communicate with other departments, for example to confirm fraudulent bank transfers to any financial institution of their choice.
  • Phishing emails from Google and Dropbox. A relatively new direction of phishing attacks, whose targets are the user names and passwords used to log in to cloud storage.
  • Phishing emails with attached files. Phishing emails with attachments containing viruses.
  • Pharming. A hidden redirect to a fraudulent site, performed by modifying the DNS cache on the local computer or on network hardware.

Only timely and complete information about attackers' methods, together with a healthy suspicion of unusual, unexpected messages and offers, will significantly reduce the damage from this type of Internet fraud.

Therefore, be sure to read the rules of protection against phishing. Above all, do not give your passwords to anyone, make a habit of always typing the addresses of the sites you need manually or using browser bookmarks, and be especially careful with links in emails.
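
Rules 1 and 2 of the list above (check the URL for minor spelling errors, insist on https) can be partly automated before a link is opened. The following Python code is an added example, not part of the original post; the allow-list and the sample URLs are constructed, and the punycode and embedded-name checks go slightly beyond the "minor spelling errors" the post mentions.

```python
from urllib.parse import urlsplit

# Constructed allow-list for the example; in practice, the sites you actually use.
TRUSTED = {"example-bank.com", "dropbox.com", "google.com"}

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # deletion
                           cur[j - 1] + 1,             # insertion
                           prev[j - 1] + (ca != cb)))  # substitution
        prev = cur
    return prev[-1]

def check_url(url: str, trusted=TRUSTED, max_dist: int = 2) -> list[str]:
    """Return warnings for a link; an empty list means no rule fired."""
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".")   # urlsplit lowercases the host
    warnings = []
    if parts.scheme != "https":                 # rule 2: the missing "s"
        warnings.append("not-https")
    if any(label.startswith("xn--") for label in host.split(".")):
        warnings.append("punycode-label")       # possible look-alike characters
    # A trusted domain or one of its subdomains needs no spelling check.
    if any(host == t or host.endswith("." + t) for t in trusted):
        return warnings
    labels = host.split(".")
    for t in sorted(trusted):
        n = t.count(".") + 1
        tail = ".".join(labels[-n:])            # compare like with like
        if edit_distance(tail, t) <= max_dist:  # rule 1: minor spelling error
            warnings.append(f"lookalike-of:{t}")
        elif t in host:                         # trusted name used as a prefix
            warnings.append(f"trusted-name-embedded:{t}")
    return warnings

if __name__ == "__main__":
    for u in ("https://www.dropbox.com/login",
              "https://dropb0x.com/login",
              "http://google.com.account-verify.example/signin"):
        print(u, "->", check_url(u) or "no warnings")
```

An empty result only means that none of these checks fired; as rule 5 notes, a correct-looking address does not protect against pharming.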
 