Page 55 - PlusGPT_V2.1_C8_Flipbook
P. 55

Phishing

                 Phishing attacks are the social-engineering practice of sending
                 fraudulent  communications  that  appear  to  come  from an
                 authentic source. It is usually done through e-mail. The goal is

                 to steal sensitive data like credit card and login credentials or to
                 install malware on the victim’s machine.
                 Although some phishing e-mails are poorly written and clearly
                 fake. But, some cyber miscreants send links in the e-mail that
                 may install malware on the user’s device or direct the user to a wicked website for extracting personal

                 and financial information.
                 Some common types of phishing attacks are phone, spear and clone phishing.


                 Detecting a Phishing E-mail
                 Following can act as hints to detect Phishing E-mail:

                 ·   Spelling and Unusual Grammar: Cyber criminals generally make grammar and spelling mistakes
                     because they use dictionary too often to convert in a specific language. If you notice such mistakes
                     in an e-mail, it might be a scam.
                 ·   E-mail Links: Some links in the e-mail are usually with unknown URLs. To verify, take the mouse
                     (but don’t click) over the link to see if the address matches the link that was typed in the message.
                     Some links may also forward to .exe, or zip files. These are known to install malicious software.
                 ·   Acknowledgment: Generally, the cyber criminals don’t know the names of targets except the
                     e-mail addresses, so they use just a part of the targeted e-mail address, in the salutation or a uses
                     general salutation.


                 Difference between Spoofing and Phishing

                 Following are the differences between spoofing and phishing:

                                      Spoofing                                         Phishing

                   Hacker tries to steal the identity to act as     Hacker tries to steal the sensitive
                   another individual.                              information of the user.

                   It doesn't require fraud.                        It is operated in a fraudulent manner.

                   Information is not theft.                        Information is theft.

                   Spoofing can be part of  phishing.               Phishing can't be part of the spoofing.
                   Hacker needs to  download some  malicious        No such malicious software is needed.
                   software in victim computer.
                   Spoofing is basically done to get a new identity. Phishing is done to get secret information.

                   Types: IP Spoofing, E-mail Spoofing, URL         Types: Phone Phishing, Clone Phishing, etc.
                   Spoofing, etc.




                                                                                                   Cyber Security  53
   50   51   52   53   54   55   56   57   58   59   60