BotNet News

Your source for Online Security News

Phishing is a type of attack that involves criminals masquerading as trusted business contacts or other institutions to trick victims into revealing sensitive information. Attackers typically lure targets with attractive offers or threats and encourage them to click on fraudulent links that may download malware, steal personal data or access bank details. These attacks are aimed at a variety of targets, from private individuals to senior corporate executives and even world leaders.

Attackers use a variety of strategies, from fake screen names in chat logs to impersonate admins to phishing emails that include attachments loaded with malicious code. They often target victims using their own personal details gathered from public sources like social media, email archives or data breaches. They also take advantage of people’s fears and a sense of urgency by urging them to act fast, such as warning they are about to lose their account or that their payment is being delayed.

Other telltale signs of phishing are spelling and grammatical errors, claims of urgency or slightly-off links (hovering the cursor over a link can reveal its destination). In addition, users should change passwords regularly to reduce an attacker’s window of opportunity and implement multi-factor authentication.

This year’s F5 Labs Phishing Report is based on five years of attack intelligence from the F5 Security Operations Center and deep dives into active and confirmed phishing sites provided by OpenText’s Webroot BrightCloud Intelligence Services, Dark Web market data from Vigilante and research from Shape Security.