What is Phishing?
Phishing is a cyber attack in which a person or group poses as a legitimate institution (such as a bank, university or email provider) to trick users into handing over credentials such as usernames, passwords and one-time security codes. Once stolen, these credentials are used to access sensitive accounts, potentially resulting in financial loss or identity theft.
While the phishing threat keeps evolving with new technology and with how we use the internet, the technique itself remains the same: the attacker creates an urgent, convincing message to get your attention and prompt you to act before you check. It can be as simple as a fake request to look at a document from a colleague, or a customer query that appears to come from the university helpdesk.
The phisher’s first step is reconnaissance: collecting data about the victim, either manually or automatically. This may be public information such as the victim’s social media profile, email addresses and other contact details, which is used to make the message look credible. The phishing message can also carry a technical attack, for example an attachment or link that exploits a software vulnerability such as a buffer overflow, or a zero-day vulnerability, i.e. one that is exploited before the vendor issues a fix (Ollmann, 2004).
Most people do not realise that they have opened, replied to or clicked on a phishing link, so it is important for us all to work together to make it harder for criminals to steal our information and damage our digital reputations. Following the NCSC’s guidance on how to implement DMARC, and encouraging your colleagues and contacts to do the same, gives you greater confidence that an email asking for information really comes from the domain it claims to. DMARC lets a domain owner publish a DNS record that tells receiving mail servers to quarantine or reject messages which fail SPF or DKIM checks for that domain. Note that it only stops exact spoofing of a protected domain: it does not catch lookalike domains, personal webmail addresses or messages sent from a compromised but legitimate account, so you still need to look at the message itself.
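The DMARC check described above, as an added example that is not part of the original page or of the NCSC guidance: a small Python parser for a domain’s DMARC TXT record that flags the settings which still leave spoofed mail deliverable (a monitoring-only p=none policy, a pct below 100, a weaker subdomain policy, or no reporting address). The records and the domain example.ac.uk are constructed placeholders; a real check would fetch the TXT record at _dmarc.yourdomain and pass it to assess().

```python
"""Parse and assess a DMARC DNS TXT record (RFC 7489 tag=value syntax).

Added example. The records below are constructed for illustration and
example.ac.uk is a placeholder, not a real university domain.
"""
from dataclasses import dataclass


@dataclass
class DmarcRecord:
    policy: str            # p=: none | quarantine | reject
    subdomain_policy: str  # sp=: defaults to the p= value
    pct: int               # pct=: share of failing mail the policy applies to
    adkim: str             # DKIM alignment: r (relaxed) or s (strict)
    aspf: str              # SPF alignment: r or s
    rua: list              # aggregate-report addresses (mailto: URIs)


VALID_POLICIES = ("none", "quarantine", "reject")
STRENGTH = {"none": 0, "quarantine": 1, "reject": 2}


def parse_dmarc(record: str) -> DmarcRecord:
    """Split a DMARC TXT record into tags and validate the required ones."""
    if not record.lstrip().lower().startswith("v=dmarc1"):
        raise ValueError("record does not start with v=DMARC1")
    tags = {}
    for chunk in record.split(";"):
        chunk = chunk.strip()
        if not chunk:
            continue
        if "=" not in chunk:
            raise ValueError(f"malformed tag: {chunk!r}")
        name, value = chunk.split("=", 1)
        tags[name.strip().lower()] = value.strip()
    policy = tags.get("p", "").lower()
    if policy not in VALID_POLICIES:
        raise ValueError(f"missing or invalid p= tag: {policy!r}")
    sub = tags.get("sp", policy).lower()
    if sub not in VALID_POLICIES:
        raise ValueError(f"invalid sp= tag: {sub!r}")
    pct = int(tags.get("pct", "100"))
    if not 0 <= pct <= 100:
        raise ValueError(f"pct= out of range: {pct}")
    rua = [a.strip() for a in tags.get("rua", "").split(",") if a.strip()]
    return DmarcRecord(policy, sub, pct, tags.get("adkim", "r").lower(),
                       tags.get("aspf", "r").lower(), rua)


def is_valid_dmarc(record: str) -> bool:
    """True if the record parses as a syntactically valid DMARC1 record."""
    try:
        parse_dmarc(record)
        return True
    except ValueError:
        return False


def assess(record: str) -> list:
    """Return the findings a mail admin should fix before trusting the domain.

    An empty list means receivers are told to reject every message that fails
    SPF/DKIM alignment for the domain and its subdomains, and to report on it.
    """
    r = parse_dmarc(record)
    findings = []
    if r.policy == "none":
        findings.append("p=none: spoofed mail is still delivered; monitoring only")
    elif r.policy == "quarantine":
        findings.append("p=quarantine: spoofed mail lands in spam instead of being rejected")
    if r.pct < 100:
        findings.append(f"pct={r.pct}: policy applied to only {r.pct}% of failing mail")
    if STRENGTH[r.subdomain_policy] < STRENGTH[r.policy]:
        findings.append(f"sp={r.subdomain_policy}: subdomains are weaker than the organisational domain")
    if not r.rua:
        findings.append("no rua= address: no aggregate reports, so spoofing attempts go unnoticed")
    return findings


# Constructed sample records: a monitoring-only deployment, a half-way one,
# and the enforced record the NCSC guidance works towards.
MONITOR_ONLY = "v=DMARC1; p=none; rua=mailto:dmarc@example.ac.uk"
PARTIAL = "v=DMARC1; p=quarantine; pct=25; sp=none; rua=mailto:dmarc@example.ac.uk"
ENFORCED = ("v=DMARC1; p=reject; sp=reject; pct=100; adkim=s; aspf=s; "
            "rua=mailto:dmarc@example.ac.uk")

if __name__ == "__main__":
    for label, rec in (("monitor-only", MONITOR_ONLY), ("partial", PARTIAL),
                       ("enforced", ENFORCED)):
        print(label, "->", assess(rec) or ["ok: enforced with reporting"])
```

Moving from p=none to p=reject should be done after reviewing the aggregate reports that rua= delivers, otherwise legitimate senders (newsletter tools, ticketing systems) that are not yet SPF/DKIM aligned will be rejected along with the spoofed mail.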