Phishing Attack and its Types

By: Arya Brijith, International Center for AI and Cyber Security Research and Innovations (CCRI), Asia University, Taiwan,sia University, Taiwan, arya.brijithk@gmail.com

Abstract

This article delves into the topic of phishing attacks. It explores the many forms of phishing attempts, ranging from conventional email scams to advanced spear phishing techniques. Understanding these strategies and utilizing a blend of technological and user awareness, people and institutions may reinforce their defenses against these malevolent attempts, safeguarding against identity theft, monetary damages, and data breaches.

Keywords phishing, attacks, trojan, cybersecurity

Introduction

The most prevalent kind of social engineering is phishing, which is the act of tricking, coercing, or influencing someone into providing assets or information to the incorrect person. The attacker usually poses as a person or entity the victim trusts, such as a supervisor, business associate, or coworker, and evokes a sense of urgency in the victim that prompts hasty decisions. Let’s understand phishing attacks and discuss their types.

What is a Phishing attack?

The term “phishing” describes an effort to get private data, usually in the form of passwords, credit card numbers, bank account details, usernames, or other critical information that may be used or sold.

Phishing attacks make use of human psychology by tricking people into divulging sensitive information by appealing to their fear, curiosity, urgency, or sense of authority. They provide serious hazards, such as identity theft, monetary losses, data breaches, and compromised networks or systems.

The prevention of phishing attacks involves technological defenses, education, and awareness. Users should verify the legitimacy of requests for sensitive information, be wary of unsolicited emails, stay away from dubious links or attachments, and update their security software regularly. Organizations also use multi-factor authentication, email filtering systems, and security awareness training to reduce the dangers associated with phishing attempts.

Types of Phishing Attacks

• Email phishing: This traditional kind entails sending fraudulent emails that appear to be from reputable sources, such as banks, government agencies, or businesses. Frequently, these emails include urgent messages, fraudulent offers, or threats, leading recipients to click on dangerous links, download malicious attachments, or reveal sensitive information on phony websites.
• Spear Phishing: It is a targeted type of phishing that uses highly customized and personalized messages. Attackers gather data on certain people or companies to write persuasive emails that seem more legitimate and have a higher chance of success.
• Clone Phishing: In this technique, attackers create a “clone” or duplicate of a legitimate email that once had a malicious attachment or link. They send the infected attachment or link using a fake or similar-looking email address, replacing the genuine one.
• Phishing via search engine optimization: Cybercriminals manipulate search engine optimization results to direct users to phony websites that imitate legitimate ones. Unaware users may enter sensitive information on these fake websites under the mistaken impression that they are accessing health services or goods.

Conclusion

In conclusion, the most effective ways to protect against the constant and changing threat environment of phishing assaults are to stay educated, implement best practices, and cultivate a culture of cybersecurity awareness. Through the integration of technical solutions and user education, individuals and organizations may jointly strengthen their defenses against these malevolent initiatives.

References

1. Alkhalil, Z., Hewage, C., Nawaf, L., & Khan, I. (2021). Phishing attacks: A recent comprehensive study and a new anatomy. Frontiers in Computer Science, 3, 563060.
2. Chiew, K. L., Yong, K. S. C., & Tan, C. L. (2018). A survey of phishing attacks: Their types, vectors and technical approaches. Expert Systems with Applications, 106, 1-20.
3. Alabdan, R. (2020). Phishing attacks survey: Types, vectors, and technical approaches. Future internet, 12(10), 168.
4. Kumar, A., Shankar, A., Behl, A., Arya, V., & Gupta, N. (2023). Should I share it? Factors influencing fake news-sharing behaviour: A behavioural reasoning theory perspective. Technological Forecasting and Social Change, 193, 122647.
5. Sharma, A., Singh, S. K., Badwal, E., Kumar, S., Gupta, B. B., Arya, V., … & Santaniello, D. (2023, January). Fuzzy Based Clustering of Consumers’ Big Data in Industrial Applications. In 2023 IEEE International Conference on Consumer Electronics (ICCE) (pp. 01-03). IEEE.
6. Zhou, Y., Song, L., Liu, Y., Vijayakumar, P., Gupta, B. B., Alhalabi, W., & Alsharif, H. (2023). A privacy-preserving logistic regression-based diagnosis scheme for digital healthcare. Future Generation Computer Systems, 144, 63-73.
7. https://scholar.google.com/scholar?oi=bibs&hl=en&cites=10709673872670007575
8. Sharma, A., Singh, S. K., Badwal, E., Kumar, S., Gupta, B. B., Arya, V., … & Santaniello, D. (2023, January). Fuzzy Based Clustering of Consumers’ Big Data in Industrial Applications. In 2023 IEEE International Conference on Consumer Electronics (ICCE) (pp. 01-03). IEEE.

Cite As

Brijith A. (2023) Phishing Attack and its Types, Insights2Techinfo, pp.1

592900cookie-checkPhishing Attack and its Typesyes