What and How of Phishing

What and How of Phishing

Phishing is a technique for fraudulently obtaining various private information like user ID, Password, Card details, PIN, DOB, CVV etc. This is by far the most common type of social engineering attack.

Modus operandi:

Hacker sets up a page looking very similar to the bank or shopping website. Bulk email has been sent to the available mobile number with link to the fraudulent website, and users are asked to login. Sometime this type of website pop up while someone browsing in internet, with catchy phrase.

When user click the link the fraudulent site opens and unaware user provide the user id, password and other critical details in the website, from which the hackers got the data and the user is directed to actual website. User are unware about this data theft.

This collected data to be used by hacker in future, resulting a devastated consequence for the user, who become victim of the cyber fraud.

Hacker uses a combination of Phishing (Email), Smishing (SMS), Vishing (Voice) technique altogether a psychological ploy to extract the data and subsequent duping of user.

How to avoid phishing?

• Do not open spam email, or email send from user you do not know.
• Be cautious about email, that
  • Ask for personal information,
  • Instigate some threats (viz. electricity line to be cut)
  • Instigate greed (Avoid too good to be true offer)
  • Ask for some immediate actions.
• Think before you click any attachment or link
• Protect your computer or mobile using effective antivirus and/or anti spyware
• Access your bank site by typing URL in the address bar of your browser only, rather than from received link, even from search engine.