Page 55 - PlusGPT_V2.1_C8_Flipbook
P. 55
Phishing
Phishing attacks are the social-engineering practice of sending
fraudulent communications that appear to come from an
authentic source. It is usually done through e-mail. The goal is
to steal sensitive data like credit card and login credentials or to
install malware on the victim’s machine.
Although some phishing e-mails are poorly written and clearly
fake. But, some cyber miscreants send links in the e-mail that
may install malware on the user’s device or direct the user to a wicked website for extracting personal
and financial information.
Some common types of phishing attacks are phone, spear and clone phishing.
Detecting a Phishing E-mail
Following can act as hints to detect Phishing E-mail:
· Spelling and Unusual Grammar: Cyber criminals generally make grammar and spelling mistakes
because they use dictionary too often to convert in a specific language. If you notice such mistakes
in an e-mail, it might be a scam.
· E-mail Links: Some links in the e-mail are usually with unknown URLs. To verify, take the mouse
(but don’t click) over the link to see if the address matches the link that was typed in the message.
Some links may also forward to .exe, or zip files. These are known to install malicious software.
· Acknowledgment: Generally, the cyber criminals don’t know the names of targets except the
e-mail addresses, so they use just a part of the targeted e-mail address, in the salutation or a uses
general salutation.
Difference between Spoofing and Phishing
Following are the differences between spoofing and phishing:
Spoofing Phishing
Hacker tries to steal the identity to act as Hacker tries to steal the sensitive
another individual. information of the user.
It doesn't require fraud. It is operated in a fraudulent manner.
Information is not theft. Information is theft.
Spoofing can be part of phishing. Phishing can't be part of the spoofing.
Hacker needs to download some malicious No such malicious software is needed.
software in victim computer.
Spoofing is basically done to get a new identity. Phishing is done to get secret information.
Types: IP Spoofing, E-mail Spoofing, URL Types: Phone Phishing, Clone Phishing, etc.
Spoofing, etc.
Cyber Security 53

