Phishing is the most prevalent cyber attack today. It is a type of cyber attack where hackers send fraudulent emails or text messages (a.k.a. Smishing) that appear to be from a legitimate source, such as a bank, credit card company, or government agency. Phishing aims to trick the victim into clicking on a malicious link or providing personal information, such as a password or credit card number. These phishing links can also hide in QR codes, pictures, or event invitations.
The word "phishing" is a combination of fishing and phreaking. Fishing refers to the attempt to "fish" for passwords and financial data from the "sea" of Internet users. Phreaking was the original form of hacking known as phone phreaking.
Common Phishing Methods
Here are some of the common phishing methods hackers use:
Bulk Phishing
In Bulk Phishing, Phishing messages are sent in a wide untargeted distribution, waiting for some to take the bait and enter their personal details.
Spear Phishing
Spear Phishing is a more sophisticated attack where the hackers aim at a specific person or group. They collect information about them, usually from public sources, and appeal to them by name and according to their fields of interest. This way, the message will appear appealing and trustworthy to the victim. This attack can sometimes be sent supposedly from someone you know if their email address or social media account has been hacked.
Social Media Phishing
Hackers sometimes pretend to be known social media figures or send messages, supposedly on behalf of the social media platform. For example, a statement from Instagram saying that your account will be blocked unless you click on the link.
Deep Fake
Deep Fake is a relatively new kind of phishing, where hackers get a hold of an audio or video of one of the victim's closest figures - like a life partner, relatives, or boss. Through AI, they pretend to be that figure, and by that, they make the victim transfer their money or personal/work-related details.
Other types of phishing include attacks via pop-up ads on unfamiliar websites and social media ads, seducing people to click for the chance to win a prize, etc.
Phishing Damages
Phishing damages can range from preventing email or data access to severe financial damage. Sometimes hackers can use the information they collected on the victims to steal their identities outside their digital lives, open bank accounts in their names, etc.
How to recognize a phishing message?
A phishing message implies urgency or a threat to act in a certain way, like clicking a link or sending personal details.
A supposedly formal message with spelling and grammar mistakes.
A message from friends or colleagues with an exceptional request or written in an untypical way.
The name of the sender or the link seems suspicious. You can hover over the link to see where it leads to.
How to avoid phishing attacks?
Be cautious with every email or message that you receive. Refrain from clicking on unknown links.
Do not click links or open email attachments from an unknown sender.
Do not download apps not on an official store (Google Play or App Store).
Activate two-factor authentication (2FA) in all your accounts, including your email, bank accounts, etc. 2FA can block hackers, even if they retrieve your password.
Share your information with caution on social media platforms, or limit the exposure of your posts to your friends only.
If you have Cyber Aid's warranty and app - you are in good hands! Our app will monitor the devices connected to your home network. Download our advanced CyberAid app in the link below to safeguard your digital life.
You can check suspicious links in our innovative app's Pishing Protector. If you believe you are a victim of a cyber attack, contact us immediately via the app or our call center.