Wednesday, March 16, 2011

Describe Phishing attacks

Phishing is one of the most common attack vectors used by hackers and social engineers to steal identities. Phishing involves sending an e-mail, usually posing as a bank, credit-card company, or other financial organization. The e-mail requests that the recipient confirm banking information or reset passwords or PIN numbers.

Phishing is the practice of sending fraudulent e-mail messages to recipients, requesting that they supply confidential information. The e-mail is disguised to look like a request from a legitimate organization such as a thrift or a credit card company. Victims may be directed to provide personal account information by responding to the e-mail. The hacker or social engineer is then able to capture this information and use it for financial gain. Brief e-mails addressed to the masses are no longer the most effective way to trick a victim into giving up their credentials.

Attack methods
1. Fake Website
Attackers try to convince the user that the e-mail has been sent by a trusted organization. The phisher sends out messages to fool a victim into clicking the link in the e-mail, and the victim is then redirected to a fake website. Links in those e-mails lead to fake websites that look like the original website. The purpose of the fake website is to capture the login data of a user who does not realize that it is not the real one. The unsuspecting victim logs in and their credentials are logged.

2. Pop-up windows
A pop-up appears that seems to come from a company whose site the victim has open in another tab. The victim may have several tabs or windows open with several different websites, including PayPal, Google, Amazon.com and eBay. When the real website loads, a pop-up appears asking for the user's credentials, such as their password and credit card information. The victim, viewing the legitimate site in the background, would think the pop-up was from a legitimate source and enter their information.
