BotNet News

Phishing is a form of social engineering attack that involves tricking victims into providing confidential information or credentials to attackers. The attackers use this stolen information or credentials to cause various types of damages. Attackers collect information manually or through automated means depending on the situation (Ollmann, 2004).

The attacks usually begin with an email that mimics a legitimate source. For example, attackers may claim to represent a well-known credit card company or financial institution. They often suggest that there is a problem with your account and require you to provide information in order to resolve the issue. This information can then be used to steal your money, login details or personal data.

A phishing attack typically contains links or attachments that direct the victim to a fraudulent website or download malware. Using the urgency created by an enticing message, attackers are able to get victims to click on the links or open the attachment. The malicious websites and downloaded payloads then expose the victim to a wide variety of attacks.

Criminals are able to gather the information they need to create a phishing attack from public sources such as social media and the victim’s own web browsing history. This allows them to personalize the message and increase the likelihood of a successful attack.

Never respond to messages that request your passwords, login details or any other confidential information. If a message looks suspicious, contact the sender directly to confirm they are who they say they are before clicking any links or opening any attachments. Change your passwords regularly and make sure you have a strong cybersecurity defence system to limit the damage done by attackers. Installing a high-quality firewall will act as a buffer between you and hackers, reducing the odds of an attack being successful.