PHISHING
- June 8, 2020
- Posted by: Netrika
- Category: Cyber Security
CURRENT SCENARIO
As we are increasingly evolving into the digital world, the risk has become higher for us to get phished. Most freeware or cracked software (especially torrents) that we get online on relatively unreliable websites is infected with malicious content.
Let’s look at some interesting scenarios:
- Fraudsters fake their identity as government officials and send phishing emails to taxpayers on the pretext of some feedback or query.
- Hackers don’t even spare the victims in case of a natural calamity. It is often seen that a few fraudulent online portals come live seeking donations and claiming to help the affected victims. It is hard to discern the legitimate ones from the fakes.
- Scammer mails are not new to us. Emails claiming that there is a certain amount of money waiting for you in some bank and to transfer it, you need to get “PHISHED” i.e. either send them your bank details or transfer some amount to initiate the so-called process.
THE CASCADING EFFECTS
Nowadays, the cascading effects of phishing are commonly seen as ransomwares. Ransomware is nothing but an extension of phishing. The users get affected after they are phished. The chaos is such these attacks exist in every industry regardless of the nature of business. Sometimes it is for the hack-value and sometimes it is for easy money and scare tactics.
The less aware and trained you are, the more vulnerable you are. The loss is not just limited to monetary concerns, but it also risks the reputation of the firm, market value of the firm and confidence of clients in the firm.
PREVENTION
Although, phishing is a vast topic of discussion and it sub-branches into various domains, the main aim is to understand the functionality and the risks involved because they tend to overlap in all scenarios.
- Always inspect what you click online- If you carefully inspect the content that you see online, you will find certain pointers which verify the authenticity of the content. There always is something Fishy when its Phishing.
- Report any suspicious mail or online content to the respective department- Half of the victims get compromised not because the attacker possesses extraordinary skills but because the act did not get reported to the right department at right time.
- Don’t autocorrect something that doesn’t seem correct- It is often seen that the victims are generous enough to correct the wrong that is evident on a phishing mail or a webpage. This common-sense can prove to be very harmful and most of the times hackers use such tactics to confuse the target and take advantage of that confusion.
- Always maintain and update relevant policies for employees- An old saying – “Prevention is always better than cure” – proves crucial in staying safe from cyber-attacks. It is advised that the policies inherited by the firm be revised timely and anti-phishing campaigns and audits be incorporated to stay vigilant.
It all started in 2004 when a teenager imitated a website to steal crucial user information. Since, then the game has been that of a cat and a mouse. The core functionality of PHISHING has remained the same over the years. The only things that have changed are the sophisticated techniques of deception (making the fake look real).
METHOD
Reconnaissance-> Setup-> Attack-> Harvest
Reconnaissance-The initial phase in which the attacker identifies the target based on some basic criteria- target’s behaviour to unknown mails, interests and other public information from social threads.
Setup- Once the target is identified, based on the information gathered, the most suitable way of initiating the attack is chosen.
The basic setup of phishing includes the following:
- A convincing point of contact with the target (email id, social account etc.).
- A secure hosting that hosts the malicious content and is not easy to trace back. (Bitcoins play a big role in hiding the identity)
- A server to harvest the victim data.
Attack- The complexity of the attack is not in execution but in how the attacker gains confidence of the victim and how stealthy the execution is. The attacker sends the payload in form of a file or a URL and wait for the target to push the go button mistakenly by either clicking a URL or downloading an unknown file.
Harvest- Once compromised; the target is at the mercy of the attacker. The attacker can gather critical information such as passwords, emails, confidential data etc.