As per a research published in the International Journal of Applied Engineering Research, the cost encountered for overcoming such security attacks have escalated from $27.4 billion to $66 billion in eight years which clearly indicates the rising cases of phishing in India. This remains a big concern not just for the government but also the common people who can become a victim of phishing frauds and lose a huge amount of money.
What is Phishing?
The phishing meaning in simpler terms is the theft of one’s information for fraudulent purposes. Hence, it is a cybercrime, that entails enticing the user into giving sensitive and classified information to the invader. The data could include credit card particulars, username and passwords, bank details or any other form of data which can be used for unethical purposes. These online attacks happen through malicious emails, texts, and telephone calls.
Types of Phishing Attacks
To understand how it works, read these different types of phishing attacks and ways to prevent them.
- Deceptive Phishing: This is the most common and is used extensively by the attackers. It requires the attacker to imitate a legitimate website and then send an email to an individual making it look genuine. The email would consist of a malicious URL or link. Once accessed by the target, it is through this link, that the phishing website collects all the sensitive information and sends it to the attacker.
- Spear Phishing: This form of phishing is very much like the deceptive phishing, the only difference being the target group of the two. In this technique the attacker targets only one individual and not a group. Once the target is set a fraudulent email is sent to the individual leading him/her to share their personal and sensitive information with the attacker. The most common platform for such phishing practices is social media.
- Whaling: This form of phishing attack targets any individual at an executive level like the CEO. Here the attacker takes his time to lure the victim and would continue communication for a considerable time before sending a similar email that leads to an information leak to the attacker. Whaling is considered extremely damaging as the people at the executive level have important data which if leaked can lead to serious damage to themselves and the company.
- Pharming: In this phishing technique the attack is not towards an individual but a large group of people. This can happen in two ways, first, through a code sent on the mobile phones of the target through email which modifies all the local host files in the system. Another through DNS poisoning in which the system’s local host files are not altered but the domain name system table is reworked. With both the techniques the users are forced to use malicious websites that steal their data.
- Vishing: So far, we discussed how emails can lead to frauds, but this goes beyond just emails. In this technique an attacker can execute vishing by setting up a Voice over Internet Protocol (VoIP) server on your phone to imitate several entities thereby stealing sensitive data and funds.
- Smishing: Moving from emails and voice messages even text messages can lead to phishing. In this technique malicious text messages are sent to trick the user to clicking on links that lead the users into sharing their personal data and information.
Ways of Phishing Prevention
Now that we have discussed the different types of Phishing, let us know how to prevent phishing from happening.
- Check the URLs carefully before clicking on it and be extremely carefully about the credentials of the website that you are using.
- Apply for card protection plan offer by Bajaj Finserv.
- Check the mobile numbers and share information only on verified mobile numbers.
- Organisations must conduct anti phishing online security training for employees to help them understand the various ways in which phishing can occur and ways to avoid these.
- Avoid answering calls from unknown phone numbers and do not give any personal information over phone or caller ID.