What is phishing and how to prevent it?

Phishing is a criminal activity in which a fraudster (a phisher) tries to trick people into handing over sensitive information such as passwords, bank card details, or similar data. Do not trust every site and every message, because any of them may be a phishing attempt or lead to data theft. In this post, we explain phishing in simple language, its types, and methods to prevent it.

What is phishing?

Phishing is a fraudulent activity in which criminals try to obtain sensitive information by deceiving people. The information most often targeted by phishing is passwords, credit card information, bank account details, and so on. Phishing is usually done by forging a website (in both appearance and the similarity of its address), by email (sending a scam email), or by text messages and phone calls.

Phishing is a kind of attack through social engineering, in which the user is deceived and gives information to criminals with his own hands.

To better understand phishing, consider this example:

Suppose you are sent an email from a recharge card online store that reads: “You can buy a 5000 Toman recharge card for 4500 Tomans by clicking on the link below.”

When you see this tempting discount, you click on the purchase link and are taken to a page that looks exactly like the bank’s online payment page. You enter your bank card information to complete the purchase. A short time later, your bank account is emptied, because you entered your bank card information on a fake page, and that information went straight to the scammers.

The example above was just one possible example of phishing. Thousands of different tricks can be used to do phishing.

Phishers often send deceptive messages in the form of tempting offers (such as buying a cheap recharge card or winning a lottery) or in the form of warning notifications (such as an urgent password change or a cut to monthly salaries and subsidies), all with one goal: to grab users’ sensitive information.

Types of Phishing

Phishing comes in many forms and is usually classified according to the purpose and type of attack. The most popular types of phishing are:

Email phishing

This is the most common type of phishing. By sending an e-mail, the scammer impersonates a reputable person or company and uses deceptive techniques to obtain sensitive information from the victim. This method has two modes:

  • Victims receive an email from the phisher (= someone carrying out phishing) in which the phisher poses as a trusted individual or company and tries to obtain specific information directly from the victims.
  • Victims receive an email from the phisher in which the phisher poses as a trusted site and asks the victims to click on the link in the email and enter their information.

The second mode is more commonly used.

Targeted Phishing or Spear Phishing

This type of phishing attacks a particular person or group of people. The attacker first collects information about the victims and uses it in the messages to make them appear more trustworthy. For example, the message may use the victim’s name, surname, interests, phone number, etc., so that the victim does not suspect that the email is fake.

Consider these two messages, for example:

  • You have won the Bank X lottery.
  • Dear Mr. Mohammad Azarnivar, you have won the Bank X lottery.

Certainly, the second message can gain the victim’s trust more than the first.

Malware

In this method, the phishers try to run a malware-infected program on the victim’s device. Once the malware is activated, criminals can gain access to the victim’s sensitive information by accessing his or her computer or mobile phone. Malware is one of the most common phishing tools.

Software that contains links to a fake page is also used for phishing. Dubious software and games, often published under provocative titles (such as Detector, Pocket Satellite, etc.), are among the most dangerous software used for phishing.

After installing the fake software, the victim pays for the services inside the software, unaware that he has provided his bank card information to the fraudsters.

SMS phishing

This method uses SMS instead of email. The attacker impersonates a large organization or company and sends a text message to serve his purpose. The content of the SMS is written in such a way as to persuade the target to send information directly or to click on a link.

For example, a text message will be sent stating that you have won a grand prize and you must click on a link to receive it.

Sometimes these text messages are sent as a warning. For example, some time ago, a text message was sent to Iranians stating that the user’s cash subsidy had been cut and that they had to open the link in the text message to re-register. After opening the page, users were asked to enter their bank card information.

Phone phishing

In this method, a scammer uses a phone call to deceive a person with various techniques to reveal his sensitive information. The bank card information of the people is usually the ultimate goal.

In Iran, for example, some time ago a criminal called unsuspecting people from inside a prison, directed them to an ATM, tricked them into revealing their second password, and then tried to empty their accounts.

Pharming

In a pharming attack, cybercriminals manipulate the hosts file on a victim’s machine or the domain name system (DNS) records of a website, so that when users enter the correct address of the site they unknowingly land on a fake page and, if they enter their information, hand it to the attackers. This is one of the most dangerous phishing methods because the user cannot detect the attack by checking the website address.

Search results

In this case, the attacker uses SEO techniques or paid ads in search engines to push a fake website into the results; uninformed users click on the top results and enter their personal information on a malicious site. Big search engines like Google are fighting phishing scams these days, but even they sometimes have trouble identifying these phishing websites.

The same fake URL and page

In this method, the scammer uses an address similar to the original site, either to trap users who mistype the site address or to mislead users in fake emails.

For example, the Amazon site address is amazon.com. The offender buys the domain arnazon.com (note the letters r and n, which together look like the letter m) and launches a site on it with the appearance of the Amazon site. If users mistakenly log in to arnazon.com, they give their user information to the scammer, thinking that they are on the real Amazon site.

Another example is the jimail.com domain, which is similar in pronunciation to gmail.com. This address was used to phish Google accounts for a while before it was finally shut down.
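One way a defender can catch the lookalike domains described above (arnazon.com with “rn” for “m”, and near-misses such as jimail.com for gmail.com) is to fold confusable character sequences into a “skeleton” and then compare against a list of protected brand domains. The following is an added example, not code from the original post; the brand list and the confusable table are constructed samples.

```python
# Added example: flag domains that imitate protected brand domains.
# PROTECTED and CONFUSABLES are constructed samples, not from the post.
PROTECTED = {"amazon.com", "gmail.com"}

# Sequences that look like another glyph in an address bar (constructed subset).
CONFUSABLES = [("rn", "m"), ("vv", "w"), ("cl", "d"), ("0", "o"), ("1", "l")]

# Near-miss threshold for the spelling check (e.g. jimail.com vs gmail.com = 2).
MAX_EDITS = 2


def registered_part(domain):
    """Lowercase the domain and keep its last two labels (simplification:
    a real implementation would use the public suffix list)."""
    labels = domain.strip().lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def skeleton(domain):
    """Fold confusable sequences so 'arnazon.com' becomes 'amazon.com'."""
    for seq, rep in CONFUSABLES:
        domain = domain.replace(seq, rep)
    return domain


def edit_distance(a, b):
    """Levenshtein distance (Wagner-Fischer, single-row version)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(domain):
    """Return (verdict, matched_brand) for a domain seen in a link or sender."""
    reg = registered_part(domain)
    if reg in PROTECTED:
        return ("legitimate", reg)
    for brand in PROTECTED:  # visual lookalike: same skeleton, different domain
        if skeleton(reg) == skeleton(brand):
            return ("lookalike-confusable", brand)
    best = min(PROTECTED, key=lambda b: edit_distance(reg, b))
    if edit_distance(reg, best) <= MAX_EDITS:  # spelling near-miss
        return ("lookalike-similar", best)
    return ("unknown", None)
```

The edit-distance check will also flag legitimate close neighbours (for instance short domains one letter away from a brand), so in practice it needs an allowlist of known-good domains alongside the brand list.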

Hacking and infiltration through communication networks

This type of phishing requires advanced technical knowledge of hacking and infiltrating communication networks: the attacker inserts himself into an otherwise healthy communication between the source and destination of the data and gains access to the data being exchanged.
