BotNet News

Phishing is a type of cyber attack that targets people, organisations and systems. Attackers can use this attack to steal sensitive information from unsuspecting users, including account credentials, passwords and credit card details. They can then use this stolen data to commit crimes such as identity theft and fraud.

Attackers often create email and Internet pages that look like the real thing. They can even include a fake padlock icon that is usually used to denote a secure site. This makes it hard to tell the difference between the genuine article and the phishing version.

The attackers prey on fear and a sense of urgency, using strategies that tell the victim that their account will be suspended if they don’t take immediate action. They also attempt to personalize the message by mentioning specific details such as their name and attempting to mimic the tone and language of colleagues or friends.

In the 2000s, phishing attacks became more sophisticated and targeted online payment services and social networking sites. One example involved a phisher posing as a PayPal representative, convincing the victim to click a link that would redirect them to a fake website and ask for their passwords.

Keeping up to date with the latest phishing threats is vital for individuals, and for businesses to protect themselves. For example, implementing DMARC and encouraging contacts to do the same will improve defences by telling users whether an email they receive is legitimate or not.