Buzz
In previous articles, Mytour introduced Trojan horse attacks and common types of Trojans. In this article, we will further explain what Phishing is.
What is Phishing?
Phishing (spoofing attack) is a form of cyber attack where the attacker impersonates a reputable entity or business to deceive users and collect their sensitive information, such as credit card details, usernames, passwords, etc.
Typically, Phishing attacks use fraudulent emails to persuade and deceive users into entering their information on a fake website.
These emails usually request users to reset their passwords or confirm their credit card information, then redirect them to phishing websites designed to look like legitimate ones.
Common forms of Phishing (spoofing attacks) include clone phishing, spear phishing, and pharming.
Furthermore, Phishing attacks are also used in the cryptocurrency ecosystem, where malicious actors attempt to steal Bitcoin or other cryptocurrencies from victims.
For example, an attacker could impersonate a legitimate website and change the wallet address to their own, making users believe they are paying for a legitimate service but in reality, their money is being stolen.
Common Phishing Techniques
There are various forms of Phishing attacks classified by target and attack vector. Common Phishing techniques include:
- Clone Phishing: Attackers use previously sent legitimate emails and copy the content into a similar email containing a link to a malicious website, claiming that the link needs to be updated or the old link has expired.
- Spear phishing: This form of attack primarily targets a user or organization that is already known. Compared to other Phishing attacks, Spear Phishing is much more sophisticated because it relies on information about the victim. This means that attackers will first gather information about the victim (such as the names of friends or family members), then use this data to create an email that convinces the victim to visit websites or download malicious files.
- Pharming: Attackers will spoof DNS records, then redirect visitors of a legitimate website to a previously designed phishing website. This attack is considered the most dangerous because DNS records are not under the user's control and cannot be blocked.
- Whaling: A form of Spear Phishing that targets high-profile individuals, such as CEOs or government officials.
- Email Spoofing: Email Phishing often impersonates contact information from legitimate companies or users. Spoofed emails can deceive less knowledgeable victims into accessing malicious websites, where attackers collect login information and PII through cleverly disguised websites. These websites may contain trojans, keyloggers, and other malicious scripts to steal users' personal information.
- Website Redirect: Website Redirect redirects users to URLs other than the ones they intended to visit. Attackers then exploit vulnerabilities to inject redirects and install malware on their computers.
- Typosquatting: Typosquatting redirects traffic to counterfeit websites, taking advantage of users' spelling errors in website addresses or variations in top-level domains.
- Watering Hole: In a Watering Hole attack, fraudsters use user information to identify websites they frequently visit, then scan these websites for vulnerabilities. If possible, they inject malicious scripts designed to target users the next time they visit that website.
- Impersonation & Giveaway: In addition to the techniques mentioned above, fraudsters may impersonate influential figures on social media to deceive victims.
Fraudsters may even target victims by applying non-technical attack methods to identify those who are gullible, then steal verified accounts and modify usernames to impersonate someone while maintaining verified status. Victims will interact and provide PII to these seemingly influential figures, providing an opportunity for fraudsters to exploit their information.
- Advertising: Paid advertising is another technique used for Phishing, using domains created by the attacker for typosquatting attacks and paying to increase rankings in search results. These websites may appear as top search results when users search for legitimate companies or services.
These websites are often used as a means to deceive victims and collect sensitive data including login information for transaction accounts.
- Malicious Apps: Attackers can also use malicious apps as vectors, injecting spyware or stealing sensitive user information. These apps can act as price-tracking tools, wallets, and tools related to cryptocurrency.
- Text and Voice Phishing: Deception through SMS, text messages, and voice is also a form of Phishing, where the attacker will attempt to collect the victim's personal information.
Phishing and Pharming
Although Pharming is considered a form, a technique of phishing attacks, this form of attack is based on a different mechanism. The difference between Phishing and Pharming lies in Phishing relying on the victim's mistakes, while Pharming only requires the victim to attempt to access a legitimate website with a tampered DNS record.
Preventing Phishing Attacks
- Be cautious with emails: To prevent Phishing, the first solution is to be cautious with emails you receive from strangers or emails with suspicious content.
- Check email content: Try entering part of the content or the user's email address into search tools to see if there are any records of Phishing attacks using this content.
- Avoid clicking on attached links: By limiting or ideally avoiding clicking on links in emails sent from strangers.
- Check URL: Hover over links but do not click to check if the URL of the link starts with HTTPS. However, note that this solution cannot guarantee that it is a legitimate website. Also, carefully check URLs for spelling errors, unusual characters, etc.
- Do not share Private key: Absolutely do not provide the Private key issued for your Bitcoin wallet. Also, be cautious in considering products and sellers you are about to transact with are legitimate.
The biggest difference between cryptocurrency transactions and credit card transactions is that there is no agency or third party to resolve if you have made a transaction but have not received the agreed product or service. That's why users are warned to be cautious with interfaces for virtual, cryptocurrency transactions.
In this article, Mytour has introduced What is Phishing? Also, if you have any questions or need answers like What is RCS?, readers can leave their comments below the article.
If you frequently browse the web, the ChongLuaDao extension will be a very helpful tool for you in detecting malicious websites that pose a danger to your documents and information. ChongLuaDao is installed on Chrome, Firefox, Coc Coc, all of which are popular web browsers today.
