BotNet News

Your source for Online Security News

A phishing attack is an attempt to steal your personal data, such as login details or financial information. Attackers pretend to be someone you trust, such as a bank, a friend or an organisation and trick you into handing over data they want. Usually, this involves clicking on a malicious link in an email, but attacks can also come as SMS messages (so-called’smishing’), through social media or even via phone conversations or apps.

Cyber criminals can then use the stolen information to commit fraud or hack your account. They can then profit from the fraudulent activity, such as by selling on your username and passwords or stealing your money. They can also use your contact list and other data to target people you know, which is known as spear phishing.

Attackers often prey on fear and a sense of urgency by telling victims their account will be deactivated or that a payment needs to be sent immediately. In more advanced phishing attacks, attackers will even use AI voice generator tools to sound like a manager or family member over the telephone to make the phishing attempt seem more credible.

Some phishing emails are designed to install malware on a victim’s device or company network by containing malicious attachments. These may be in the form of websites, shell scripts or Microsoft Office documents containing malicious macros. Attackers can also pose as trusted sources such as banks, colleagues and friends by spoofing Wi-Fi access points in public locations such as hotels and caf├ęs.