4 Types Of Phishing Attacks And 10 Signs To Know A Phishing Email

Phishing is a type of social engineering attack built on manipulating and deceiving people to reveal confidential and private information which is then used to carry out further crime against them.  This attack takes advantage of gullibility and vulnerability of human emotion to steal from people. Phishing attacks have become a popular, easy to use and very dependable tool for cyber criminals.

When in operation; criminals would reach out to users through any communication channel, pretend to represent a legitimate authority; maybe a financial service provider, health insurance provider, a family member or trusted friend, proffer assistance, then request for inimical action from the user.

Actions that maybe required from users during phishing attacks include but not limited to;

  • Reveal private and confidential information, e.g. password, date of birth, social security number, BVN, code, etc.
  • Click a link that will further direct users to secondary resource where confidential information will be stolen.
  • Open attachment which in most case will contain malwares that will launch further attack on the device and network.
  • Request for cash to enable a staged problem to be solved.
  • Reveal a sent code to enable completion of a proposed solution.

With automation and Artificial Intelligence dominating and directing modern interactions and commerce, people shall depend more on digital channels of communication. Available facts have proven that oftentimes, phishing attacks regardless of its type have more success rate than failure. This means more people are falling victim to these exploits. Hence, the benefits of deepening your understanding about them.

Let’s dive into four common types of phishing attack. And how to identify email based phishing attack.

ALSO READ  Bank With The Best

Four types of phishing attacks.

Spear phishing – this type targets specific category of persons, e.g. insurance or bank customers, students, male mine workers, etc.

Whaling attack: is a sub-spear type of attack that targets high net worth and high-profile individuals like company executives, politicians, celebrities, etc. Just like implication of the name “Whale” biggest fish – this attack targets only “big fish”. That is, wealthy people.

Smishing attack: this is an SMS based phishing where short message service is used to deceive a receiver into providing private and confidential information or taking other action. This is catchy because, it does not require internet connectivity to hit its intended targets.

Vishing attack: this type is a direct opposite of smishing. It uses voice call to reach out and deceptively request for confidential and private information from receiver. In the same vein, internet connectivity is not required to execute this attack.

Ten Signs to know a phishing email

  • It will come from a stranger: oftentimes phishing emails come from unknown person or agent.
  • It will come from a public email domain: examples of public email domains are yahoo.com, gmail.com, hotmail.com.
  • Domain name will either be misspelt or corrupted: when it pretends to come from private domain, such domain will never spell correctly as the genuine one. There will be a form of misspelling or corruption of it.
  • It will disguise as proffering assistance: merchants of phishing attacks always pretend to offer one form of assistance or the other. Shylock assistance you may call it.
  • The mail content will be poorly written: content of mail will likely lack expected quality of a business communication.
  • Mail will include suspicious attachment or link: this would require further actions like follow or open.
  • It calls for urgent action: whatever is the call for action from phishing attack always comes with “urgency”.
  • It will request user to provide personal information to enable closure of an event.
  • It may request user to send cash to enable a staged problem to be solved.
  • It will appeal to a defined sentiment.
ALSO READ  5 Food Security Measures to Ensure In Your Homes

Phishing is a low end and cost-effective tool for cybercrime. It is a social engineering attack that exploits inherent weakness in people to get through and steal from them or carry out other crimes against targets. Getting basic knowledge about method of attacks and the techniques to identify them is a better way to go to prevent being a victim.

ALSO READ:

Cybersecurity Threat Of Social Engineering

About Author


Discover more from TRW Interns

Subscribe to get the latest posts sent to your email.

Discover more from TRW Interns

Subscribe now to keep reading and get access to the full archive.

Continue reading