Last Updated on 2 weeks by Touhid
Phishing is a type of cyber attack which attempt to gain sensitive information such as personal information, credit card number and login credentials. This type of attack can be conducted via different ways such as email, text message, social media, websites or by phone. In this post, we will discuss on Phishing is What Type of Attack?
Phishing is What Type of Attack
Phishing is What Type of Attack? Phishing is one of the most common types of social engineering attack which can be happened in different ways. The phishing email may contain a malicious URL link or attachment file. If you click on that link then it may redirect to you vulnerable website or may install malware, like viruses, spyware or ransomware on your computer.
Cyber attackers are using social engineering techniques in order to manipulate victim’s confidential information such as login credentials, credit card numbers, network details, and more. Phishing is the first choice of cyber attackers to grab the sensitive information from victim.
There are many reasons of data breaches; phishing is one of the main reasons. Since about 90% of data breaches happen because of phishing attacks. Attackers are encouraged to victim’s click on vulnerable URL link or open the infected attachments.
For example, an infected attachment file seems to be original and come from trusted sources. The infected attachments can be .exe files, Microsoft Office files, and PDF documents. These types of file can install malware, ransomware or others.
Phishing is a type of attack that has negative impacts on organizations or individuals as well as society. There are many reasons a phishing attack may conducted. Here are the main causes of phishing attack:
- Lack of user awareness about Phishing
- Widespread use of emails
- Sophistication of phishing techniques
- Don’t have security tools and techniques
Types of Phishing Attack
Phishing is type or form of attack where attackers use email or malicious websites in order to gain victim’s personal and sensitive information. Here are the most common ways of phishing attack in which they target to victim.
- Email Phishing Attack
- Spear Phishing
- Whaling Attack
- Vishing Attack
- Pharming Attack
1. Email Phishing Attack
Email phishing is type of attack where attackers send a message to victims which seem to be trusted message, and asking victims to send information. A Phishing emails might ask for the following information from victims:
- Usernames and passwords
- Social Security numbers
- Bank account numbers
- PINs (Personal Identification Numbers)
- Credit card numbers
- Your mother’s maiden name
- Your birthday etc.
The email message may contain a URL link and attackers requesting you to send information via this URL link. The URL is looking valid link but when you hovering over the URL it’s may redirect to a malicious website to hack your sensitive information.
Here are the some important tips on how to protect from email phishing attack:
- Delete suspicious email
- Use antivirus software
- Do not download suspicious email attachments
- Do not reply to Phishing Email
- Never click on suspicious email links
- Update your Software and
- Up to date Operating system
Learn More About How To Prevent Phishing Email?
2. Spear Phishing Attack
In spear phishing, attacker attempt to steal sensitive information such as passwords, usernames, and credit card details from a specific victim’s or groups for malicious reasons. This type of phishing technique, attacker sends a message to victim with victim’s personal information such as name, email, phone number and contact address.
The information are achieved by attackers from victim’s friends, hometown, locations and what they have recently bought from online. The main reason for include these information is to gain victim’s confidence, therefore disguise themselves as a trustworthy friend and access the sensitive information through email or online messaging.
Learn more about How to protect from spear Phishing Attack?
3. Whaling Attack
Whaling is another type of phishing attack, that targeted attempt to gain confidential information such as financial information, stealing money or unauthorized access to computer systems from a company.
This type of attack directly targets senior management of an organization, such as the CEO, CFO, or other important individuals who have access to sensitive data.
4. Vishing Attack
Vishing is a type of attack that attempts to trick victims into giving up their sensitive information over the phone. It is the combination of ‘voice’ and ‘phishing’. Typically, Vishing works like as phishing attack, but does not always depend on the internet.
A vishing attack can be conducted by voice email or regular phone calls or landline or cellular telephone and requesting to send victim’s bank account information.
In this technique, you will get a phone call from perpetrator (visher) with the following message:
“Your account has been compromised. Please call this number to reset your password”.
When you will call to this (visher’s) number, you may hear recording message that your bank account has been compromised and ask for bank account information.
5. Pharming Attack
Pharming is type of cyber attack, where an attacker installs malicious software to victim’s computer in order to automatically redirect a fake site without victim’s consent or knowledge. The main target of pharming is to gain victim’s sensitive information such as login credential, credit card information and bank account details.
Tips to Protect from Phishing Attack
If we know “Phishing is What Type of Attack” then we can easily protect from Phishing Attack. Here are the some important tips on how to protect phishing attack:
- First know, “Phishing is What Type of Attack”.
- Ensure Security of your Personal and confidential Information.
- Enter your personal information only on secure website.
- Delete suspicious email and do not click on malicious link.
- Never provide your personal Information on untrusted website.
- Check the correctness of sender email addresses.
- Keep your browser up to Date.
- Up to Date operating system and security patch.
- Use Antivirus software.
- Install an Anti-Phishing Toolbar.
- Use Web Application Firewall
- Arrange Cyber security training and workshop.
- Prepare security policy and deployment.
Finally, Phishing is the most common type of dangerous attack in the cyber world and it is very easier to exploit your system. So, we should know and learn about phishing attack in order to protect our sensitive information. User awareness and education is the best ways to protect from phishing attack. Hope the article “Phishing is What Type of Attack” will be helpful for you!!!