BotNet News

Your source for Online Security News

Phishing

About Phishing

Cybercriminals use email, social media or malicious websites to pose as a trusted company or person and trick victims into handing over information. These attackers are often looking for a pay-off by stealing confidential data or installing malware on the victim’s computer.

They can be as simple as a bot sending you a private message with a link that leads to something bad, or more sophisticated such as an attacker posing as you on Facebook in order to gain your trust before asking for passwords or financial details. Attacks may also be sent through instant-messaging apps and even a victim’s work email, enabling them to bypass IT policies that might prevent email-based attacks.

Messages that phishers send impersonating organizations are designed to be as convincing as possible, often using well-written text and official logos, photos and other design elements. They will usually contain a sense of urgency or fear in an attempt to fool you into acting without thinking through the risks. These messages will usually request that you click a link or enter login credentials into a fake website or download an attachment.

Some phishing attacks are targeted at specific companies or people, for example a message that appears to be from your bank and asks you to verify your login credentials. Attackers will often tailor these to look exactly like a genuine bank email so that you feel compelled to act without question. The attacker will then be able to steal your credentials and access your account.