What is a Phishing Attack?

Phishing is fundamentally a form of social engineering attack, most frequently used to steal sensitive user information such as login credentials and credit card numbers. Phishing usually uses a disguised email as its weapon. The main objective is to deceive the recipient into believing that the message is something important: for instance, a request from their bank or a message from a colleague that looks trustworthy on the surface but actually contains a link with dire consequences. Following that link can go as far as installing malware, locking the user out of their system as part of a ransomware attack, or exposing the user's sensitive information.

Phishing is also used to gain a foothold in corporate or governmental networks as part of a larger-scale threat, for example an advanced persistent threat (APT) campaign.

In this scenario, employees are compromised in order to bypass security perimeters, distribute malware inside a closed environment, or gain privileged access to secured data. The consequences range from hefty financial losses to a declining market share, as well as a loss of reputation and customer trust. The end result can escalate into a serious security incident that puts the company's ability to recover to the test.

Types of Phishing

A “phish” is named by analogy with an angler throwing out a baited hook and hoping that someone takes it. According to the 2019 Verizon Data Breach Investigations Report, nearly one third of all breaches in the past year involved phishing. There are numerous types of phishing, including spear phishing, whaling, clone phishing, vishing and snowshoeing.

Spear Phishing

In spear phishing, attackers craft a message aimed at a specific individual rather than playing the odds. Phishers identify their targets using information found on social media and send from spoofed addresses so that the email plausibly appears to come from a colleague. For example, a spear phisher might target a person in a specific department by posing as the victim’s manager and requesting a large bank transfer on short notice.

Whaling

Whaling is a form of phishing aimed at the most lucrative targets: high-profile individuals such as CEOs or company board members, the latter of whom often fall prey to these attacks. Board members have a great deal of authority within a company but are not full-time employees, so they often use personal email accounts even for business-related correspondence, and those accounts do not have the same protection as corporate email.

Clone Phishing

Clone phishing requires the attacker to create a nearly identical replica of a legitimate message in order to trick the victim into thinking it is real. The email appears to come from the legitimate sender and the body looks exactly like previous messages; the only difference is that the attachment or link has been swapped for a malicious one.

Vishing

Vishing is short for voice phishing, which is carried out over the phone. Conventionally, the victim receives a call with a voice message disguised as a communication from a financial institution. The message then prompts the victim to key in certain information, or even their security PIN, which is then compromised.

Snowshoeing

Snowshoeing, also known as “hit-and-run” spam, has attackers push out messages via many domains and IP addresses. Each IP address sends out only a low volume of messages, so reputation- or volume-based spam filtering cannot recognise and block the malicious messages right away. Some messages may make their way into inboxes before the filters learn to block them.
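As an added example (not part of the original post), here is defender-side detection logic run over a constructed mail-gateway log: a plain per-IP volume rule misses the low-volume-per-source pattern described above, while grouping messages by a normalised content fingerprint and counting distinct sending IPs surfaces it. The log field layout and the thresholds are assumptions.

```python
import re
from collections import defaultdict

# Constructed log (not from the original post): ts|sending IP|sender domain|subject|URL domain
SAMPLE_LOG = """\
2019-06-01T08:00:01|203.0.113.10|billing-alert1.example|Invoice overdue|pay-now.example
2019-06-01T08:00:04|203.0.113.11|billing-alert2.example|INVOICE Overdue!|pay-now.example
2019-06-01T08:00:09|203.0.113.12|billing-alert3.example|Invoice  overdue|pay-now.example
2019-06-01T08:00:15|203.0.113.13|billing-alert4.example|invoice overdue|pay-now.example
2019-06-01T08:00:20|203.0.113.14|billing-alert5.example|Invoice overdue|pay-now.example
2019-06-01T08:01:00|198.51.100.7|newsletter.example|Weekly digest|newsletter.example
2019-06-01T08:01:30|198.51.100.7|newsletter.example|Weekly digest|newsletter.example
2019-06-01T08:02:00|198.51.100.7|newsletter.example|Weekly digest|newsletter.example
2019-06-01T08:02:30|198.51.100.7|newsletter.example|Weekly digest|newsletter.example
"""

def parse_line(line):
    ts, ip, sender_domain, subject, url_domain = line.split("|", 4)
    return {"ts": ts, "ip": ip, "sender_domain": sender_domain,
            "subject": subject, "url_domain": url_domain}

def fingerprint(msg):
    """Content key that survives the small per-message variations a snowshoe run uses."""
    subject = re.sub(r"[^a-z0-9 ]", "", msg["subject"].lower())
    return (" ".join(subject.split()), msg["url_domain"].lower())

def per_ip_volume_alerts(log_text, threshold=3):
    """Plain volume rule: flag any single IP that sends more than `threshold` messages."""
    counts = defaultdict(int)
    for line in filter(None, log_text.splitlines()):
        counts[parse_line(line)["ip"]] += 1
    return sorted(ip for ip, n in counts.items() if n > threshold)

def find_snowshoe_campaigns(log_text, min_sources=4, max_per_source=2):
    """Flag content seen from many sending IPs where no single IP exceeds max_per_source."""
    by_fp = defaultdict(lambda: defaultdict(int))   # fingerprint -> ip -> count
    domains = defaultdict(set)                      # fingerprint -> sender domains
    for line in filter(None, log_text.splitlines()):
        msg = parse_line(line)
        fp = fingerprint(msg)
        by_fp[fp][msg["ip"]] += 1
        domains[fp].add(msg["sender_domain"])
    campaigns = {}
    for fp, per_ip in by_fp.items():
        if len(per_ip) >= min_sources and max(per_ip.values()) <= max_per_source:
            campaigns[fp] = {"messages": sum(per_ip.values()),
                             "source_ips": len(per_ip),
                             "sender_domains": len(domains[fp])}
    return campaigns
```

On the sample log the volume rule flags only the legitimate newsletter host, while the fingerprint rule flags the five single-message senders as one campaign.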

Some of the most notable cases that affected a company's whole ecosystem were Sony Pictures, Google and Facebook, the Ukrainian power grid attack, Upsher-Smith Laboratories and Ubiquiti Networks. At Sony Pictures, a series of spear phishing emails sent to Sony employees set the security breach in motion. After researching employee names and titles on LinkedIn, the hackers posed as co-workers and sent malicious emails containing malware to unsuspecting employees. In the end, more than 100 terabytes of company data were stolen, including newly released files, financial records and customer data. Ultimately, this blunder cost Sony more than $100 million in losses.

In the case of Google and Facebook, when giants of the tech field fall prey to cybercrime, the world takes notice. Here, a business email compromise (BEC) campaign that began with a single phishing email turned into a long-term money-making scheme. A hacker pretending to be a computer parts vendor sent a myriad of fake invoices between 2013 and 2015, which the two companies paid. Over $100 million was handed over, although the cybercriminal behind the scam was eventually found and apprehended in Lithuania, extradited to the United States and sentenced to five years in a federal prison.
