Types of Phishing
Different types of phishing are as follows:
• Email Phishing: The most prevalent form, where attackers send emails that appear to be from legitimate sources,
such as banks or online services.
Example: You receive an email that appears to be from your bank, claiming that there’s suspicious activity on your
account. The email includes a link to a website that looks like your bank’s official site. When you enter your login
credentials, they are captured by the attacker.
• Spear Phishing: Targeted phishing attacks aimed at specific individuals or organisations. Attackers often gather
personal information to make their messages more convincing.
Example: An employee at a company receives a personalized email from someone who appears to be their IT
manager, requesting them to reset their password using a provided link. The email includes specific project details
that the attacker has researched to appear legitimate.
• Smishing: Phishing conducted via SMS or text messages. Attackers send messages containing links or prompts to
call a number.
Example: You get a text message saying, “Your package could not be delivered. Please confirm your address by
clicking this link: [malicious link].” Clicking the link leads to a website that requests personal information or installs
malware on your device.
• Vishing: Voice phishing, where attackers use phone calls to impersonate legitimate entities, like banks or tech
support.
Example: You receive a phone call from someone claiming to be from your bank’s fraud department. They ask you
to verify your account information to resolve a supposed issue. If you provide your details, the attacker uses them
for identity theft.
• Website Spoofing: Attackers create a fake website that looks like a legitimate one (e.g., a bank or popular service).
Example: You type in the URL for your email provider but accidentally misspell it, landing on a site that looks
identical to the legitimate one. It prompts you to log in, capturing your credentials.
• PDF and Document Phishing: Phishing scams that use PDFs or documents containing malicious links or macros that
execute harmful code when opened.
Example: You receive an email with an attachment labeled “Invoice.pdf.” When you open the PDF, it contains a link
that, when clicked, downloads malware onto your computer or redirects you to a phishing site asking for your login
information.
Protect Yourself Against Phishing
Some simple ways to protect against phishing are as follows:
• Be Careful with Emails: Do not click on links or download attachments from emails you do not know or trust. Always
check the sender’s email address.
• Look for Signs: Phishing emails may have spelling mistakes or unusual language. If something seems off, do not
trust it.
• Use Two-Factor Authentication: This adds an extra layer of security. Even if someone gets your password, they will
need a second verification step to access your account.
• Update Your Software: Keep your computer, smartphone, and apps updated to protect against security vulnerabilities.
• Check Website URLs: Before entering personal information, make sure the website URL starts with “https://” and
has a padlock symbol.
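The "Website Spoofing" example and the "Check Website URLs" tip can be combined into one check, shown here as an added example that is not part of the original page. It compares a link's host name with a list of sites you trust and flags near-misspellings, which can still begin with "https://". The host names and function names are constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed allowlist for illustration (an assumption, not from the page).
TRUSTED_HOSTS = {"examplebank.com", "mail.example.com"}

def edit_distance(a, b):
    """Levenshtein distance: single-character edits needed to turn a into b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # delete a character
                           cur[j - 1] + 1,              # insert a character
                           prev[j - 1] + (ca != cb)))   # substitute a character
        prev = cur
    return prev[-1]

def check_url(url, trusted=TRUSTED_HOSTS, max_typos=2):
    """Return (verdict, reason) for a link before any credentials are typed."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    if not host:
        return ("block", "no host name in URL")
    # "https://examplebank.com@other.test/" really goes to other.test.
    if parts.username or parts.password:
        return ("block", "text before '@' hides the real host " + host)
    names = sorted(trusted)
    # 1. Exact trusted host, or a subdomain of one.
    for t in names:
        if host == t or host.endswith("." + t):
            if parts.scheme != "https":
                return ("warn", "trusted host, but the link is not https")
            return ("ok", "matches trusted host " + t)
    # 2. Misspelled lookalike: a few characters away from a trusted host.
    for t in names:
        d = edit_distance(host, t)
        if d <= max_typos:
            return ("block", f"looks like {t} but differs by {d} character(s)")
    # 3. Trusted name used only as a prefix of some other domain.
    for t in names:
        if t in host:
            return ("block", f"{t} appears inside unrelated host {host}")
    return ("unknown", "host is not on the trusted list")

if __name__ == "__main__":
    for u in ("https://examplebank.com/login", "https://exampelbank.com/login"):
        print(u, "->", check_url(u))
```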
Basics of Networking 141

