What is Phishing, Types of Attacks, and How to Deal with Them

Threat Prevention

We’ve talked a great deal about recent cyber-attacks due to COVID-19. Even big organizations like the World Health Organization reported that it faced five times more cyberattacks since COVID-19 than it did around the same time last year. In addition, scammers have been impersonating WHO to get donations from the public by sending out targeted emails. This is known as spear phishing, which we will explain later in the post.

Although people are more cautious of cyber-criminal activity during the pandemic as well as how to protect themselves, they still become victims of attacks and their information gets compromised.

It’s important to remain aware of how attackers try to scam people and the different ways they do it by what is called phishing.

What is Phishing?

Phishing is the malicious attempt to get sensitive information via electronic communication by disguising oneself as a trustworthy entity. In other words, pretending to be someone or something you are not to scam people into giving their personal information or money.

Phishing started around 1995 with phishers or attackers, using emails and websites to trap people into giving their information. Phishers would start by stealing people’s passwords first before getting the credit card information.

Types of Phishing Attacks 

  • Email: This is the most common type. Phisher sends out mass emails with malicious links or attachments in hopes that someone will fall for the trap.
  • Spear phishing: Phishers target specific people and send emails to them. The attacker knows who they are after.
  • Content spoofing: These are links or domains that look legitimate, but the pages are modified and clicking on it can expose your information
  • Link manipulation: Similar to content spoofing, but attackers hide links in emails
  • Smishing (SMS phishing): This is an attack by texting a person in hopes of getting a reply or getting them to click on a link to reveal their information
  • Vishing: An attack that happens over the phone. The calls are usually automated and asks the users to dial a number.

 

Common Features of Phishing Attacks 

  • Too good to be true: It is an eye-catching statement to grab your attention
  • Sense of urgency: The attacker asks you to act fast before the deal expires or something bad happens
  • Hyperlinks: The hyperlink hides malicious content. If you hover over the link, it shows you the actual URL where the link will take you if you click on it.
  • Attachments: Attachments often contain ransomware or other viruses
  • Unusual sender: If you don’t recognize the name or email, or it seems odd, don’t click on it

How to Deal with Phishing Attacks

 If you think you may have been a victim of a phishing attack, contact your help desk, security team, bank, or respective people who can determine if your personal information has been compromised.

Don’t feel pressured to give out your information. Do your research first and speak to your security team.

You are the most effective way to detect and stop a phishing attack.

Article written by:

Farah Khan,

Writer, Multimedia Content Creator & Digital Marketing Specialist