What is Phishing? Attack Techniques & Examples GRIDINSOFT TEAM
Phishing is one of the most widespread methods of credential stealing, used by cybercriminals from all over the world. It is very easy to disguise, its efficiency is extremely high, and moreover - it is hard to blame the phishing organization for any sort of cybercrime. In fact, the victim brings them the credentials himself, without any forcing from the crooks, so it can barely be classified as extortion or malware spreading.
The ways of phishing are numerous, and it is likely impossible to mention them all and don’t miss one. However, there are several phishing methods that are the most widespread nowadays. Exactly, they always were the most widely used, because of their simplicity and high chance that the victim will be trapped. Meet the “heroes”!
This method may be done in two ways - graceful and clumsy. Graceful method is used much more rarely, since it needs the infected network router, which the victim uses to connect to the Internet, or a specific malware on a victim’s device. Infected router is needed to intercept the packages victim sends to the server (if the connection is unsecure), or to re-route the request on the counterfeited site.
Malware on the victim’s device is needed to change the networking settings, in order to forcibly open the phishing page at the attempt to open a legit page. Malware targets the HOSTS file in Windows, that contains DNS information for sites which must be connected through unstandard DNS addresses. To force the PC to show you the phishing site, fraudsters add a specific DNS for Twitter, or Facebook. Once changed, the DNS-address will force each of the browsers to send requests from the specified DNS, which is controlled by crooks.
Clumsy methods have some details in common with graceful ones, but they do not require any sort of interruption into the victim's computer. These phishing methods look like a simple redirect from a certain website on a page with the address “fasebook.com” or “tvvitter.com”. It is very easy to detect the counterfeit when you are not hurrying and have enough time to check the address bar, but may surely miss this detail when the redirection link is accompanied by the shocking statements of some sort.
Modern shape of a well-known fraud
In 2021, the cybersecurity world witnessed a massive email spamming campaign, which was a part of a phishing scheme. Victim received a scary message that mimicked, for example, the notification from the bank. In this message the person was told that the conditions for serving his credit card (or debit, whatever) are changed, so he/she must approve these alterations. Otherwise, as email promises, the account(s) will be blocked.
To approve the “changes”, you are instructed to follow the link at the message’s bottom. This link led to the poor copy of the bank site, exactly, to the login page. After the attempt to log in, you will see only an error message. The fake page is very hard to confuse with the original one, but when you are scared, or just visit the real online banking site quite rare, it is easy to think that you are on the original one. After such a mistake, your money will be in a big hazard - fraudsters have full access to your online banking.
Have you ever got a call from your bank’s safety service? If not, no one likely tried to fool you in that way. That method has disappeared several times, but then got back into view, again and again. As you may already understand, you receive a phone call from a person who grants himself an employee of the security service of your bank. He or she claims that your account as well as your bank card are blocked due to the unauthorized login attempts. To unblock the account, you must only say the security code you get on the phone number which is related to the mentioned bank account.
In fact, this security code is a code which approves the password reset. Fraudsters (and a person from “bank security service”) are just attempting to log into your online banking account, and the digits you report them are a key to all the money you have on your bank account.
Phishing forms to get your personal information
Sometimes, you may see the offers to fill a simple form and get the reward of some sort - pack of badges, certificate for courses of origami or invitation to the exhibition. In that form, you need to answer some easy, sometimes absurd questions, and write your name, email and phone number; sometimes, they also ask about your address and . Under the guise of a legitimate “quiz”, crooks receive the full pack of your personal information.
After collecting the information from a certain amount of people, these tricksters are free to manage it. They can sell it on different platforms (even in Darknet), also can use it to spam you - with email messages or even real paper letters. Sometimes, they can come to your door with an offer to purchase some useless items for the tripled price. Of course, at that moment, they will try to assure you that these things are irreplaceable for home and office, and you must buy it for your own good.
How to protect yourself from phishing?
The majority of phishing cases are conducted mostly thanks to the victim’s inattentiveness. Hence, you may suppose an easy solution - being attentive at each questionable moment. Opening the link you found in the group chat on WhatsApp? Check precisely the address bar, because it easily can be something like “tvvitter.com”.
To avoid the phishing methods which are done with malware that modifies your system, check precisely the certificate of the website you are attempting to open. Fraudulent copies which are posted on the bogus DNS-address are not able to get a HTTPS certificate. Click the lock icon at the left end of the address bar in your browser - it will show you the information about the certificate presence.
Do not spread your personal information. Aforementioned quizzes can look like something peaceful, and you may be interested in the prizes they offer. However, think twice before sharing the information which will be used to make money - they are just exploiting you.
Ultimate method of counteraction for any form of phishing on the computer is anti-malware software. Of course, it is important to note that not each security tool will fit you - the best protection is guaranteed by programs which have an online protection function. That feature enables the website filter, which forbids the loading of malevolent counterfeits of popular pages. GridinSoft Anti-Malware may offer you such a function. Moreover, it is also able to get rid of the virus that helps the fraudsters to fool you.