2
863views
Explain any 5 phishing attacks
1 Answer
2
8views

5 phishing attacks

The most common phishing attacks are

  1. Email phishing
  2. Spear phishing
  3. Whaling
  4. Smishing and vishing
  5. Pharming

1. Email phishing

  • The most common phishing attack are sent by email. The main aim of the attackers it to get the login credentials of the users.

  • The crook will register a fake domain that mimics a genuine organization and sends thousands of generic requests.

  • Also,, they might use the organization’s name in the local part of the email address (such as [email protected]) in the hopes that the sender’s name will simply appear as ‘PayPal’ in the recipient’s inbox.

  • You should always check the email address of a message that asks you to click a link or download a attachment.


2. Spear phishing

  • Spear phishing targets specific individuals instead of a wide group of people.
  • Attackers often research their victims on social media and other sites. That way, they can customize their communications and appear more authentic.
  • Spear phishing is often the first step used to penetrate a company’s defenses and carry out a targeted attack.
  • Criminals who do this will already have some or all of the following information about the victim: their name, place of employment, job title, email address and specific information about their job role.

3. Whaling

  • When attackers go after a “big fish” like a CEO, it’s called whaling. Whaling attacks are even more targeted, taking aim at senior executives.
  • Scams involving bogus tax returns are an increasingly common variety of whaling.
  • These attackers often spend considerable time profiling the target to find the opportune moment and means of stealing login credentials.
  • Whaling is of particular concern because high-level executives are able to access a great deal of company information.

4. Smishing and vishing

  • With both smishing and vishing, telephones replace emails as the method of communication.
  • Smishing involves criminals sending text messages (the content of which is much the same as with email phishing), and vishing involves a telephone conversation.
  • A common vishing scam involves a criminal posing as a fraud investigator (either from the card company or the bank) telling the victim that their account has been breached.
  • The criminal will then ask the victim to provide payment card details to verify their identity or to transfer money into a ‘secure’ account – by which they mean the criminal’s account.

5. Pharming

  • Similar to phishing, pharming sends users to a fraudulent website that appears to be legitimate.
  • However, in this case, victims do not even have to click a malicious link to be taken to the bogus site.
  • Attackers can infect either the user’s computer or the website’s DNS server and redirect the user to a fake site even if the correct URL is typed in.
Please log in to add an answer.