BotNet News

Phishing is an attack where attackers attempt to steal information, like usernames and passwords, credit card or bank account details. By masquerading as a legitimate source with an enticing request, attackers lure unsuspecting victims to click on links or open attachments that redirect them to malicious websites or download programs that are controlled by the attackers. This is a form of social engineering that leverages the attacker’s knowledge of a victim and their behavior to collect data that can be used to launch attacks against them (Suda, 2000).

Criminals often target specific events, like tax reporting or popular holidays, to increase the likelihood of their phishing attack gaining traction (Dhamija et al., 2006). They also use public resources, such as social networks, to collect a victim’s background information that can be used to personalize phishing attacks.

Attackers can also use tools, such as AI voice generators, to sound like a colleague or family member over the phone, further personalizing phishing attacks and increasing their chance of success (McCulloch & O’Shea, 2014).

If you receive an email that asks for your information, especially financial data, treat it with extreme suspicion. It is best to contact the brand directly using their customer support channel, but even then, never provide sensitive information via email or text message. Additionally, never click on links in emails or texts. Hover over links to see if the alt text matches the display text, or if it looks strange. This will help you identify phishing attacks before they cause damage.