Phishing

What Is Phishing?

Phishing is a new type of online scam that targets individuals through psychological manipulation. Criminals often use electronic communications to make people believe that the information they see or hear comes from trusted and reputable sources.

Because the process is very similar to a small fish being tempted to bite a fisherman's hook, this type of scam or attack is referred to as phishing.

How Phishing Works?

Phishing typically starts with a deceptive message sent to the intended victim, appearing to be from a trusted source such as a bank, employer, or acquaintance. This message, which may arrive through email, SMS, or a phone call, typically prompts the recipient to act quickly by downloading an attachment or clicking a link. Hitting links will lead to a malicious site stealing your privacy or financial info, while attachments may contain malware.

For example, you may receive an email that says, "Congratulations, you've won $1,000! Please hit on the link and offer your account details to claim your prize." If you do so, you risk giving your financial information to criminals.

Phishing Techniques

・Link Manipulation: Making the target take a malicious link as a legitimate link by using similar URLs.

・Website Forgery: Using JavaScript commands to place an image of a URL from a reliable source on the address bar to make users think the site is legitimate.

・Circumvent Text Filtering: Use images instead of text to evade detection by anti-phishing filters.

・Covert Redirect: Attackers deceive victims into entering personal details on a fake intermediary page that poses as a trusted site for authorization before redirecting to the legitimate site, thus stealing their info.

・Smart Tools: Criminals can use tools such as chatbots or AI voice generators to make the content of text messages received by a target appear more authentic or calls answered sound more like a familiar voice.

・Fear Tactics: Criminals may communicate with you urgently or impose time limits to provoke a sense of urgency and reduce sanity to increase the chances of a successful scam.