
What are phishing attacks and how to prevent them?

Phishing is an online scam. But what is a phishing attack? Phishing lets attackers obtain users' sensitive information, including their banking details. Phishing attacks are one of the most common cyber attacks. In this article, we look at what phishing means and discuss attack techniques.


What is a phishing attack?

Phishing is a term used to describe stealing from an individual or a group of users by means of email or malicious web pages. These emails and pages are created to collect users' personal information, such as bank account details, email account credentials and other user data.

Phishing, in simple terms, is short for Password Harvesting Fishing: hunting for the user's password with bait.

Attackers who run phishing attacks use different techniques to collect confidential information. One of these methods is to create fake pages and direct users to them. Because these pages are designed to look like the genuine ones, users trust them and enter their personal information. In the rest of this article, we review the different techniques of phishing attacks.

What information does phishing look for?

In this article, we talk about phishing, how to detect phishing attacks and how to deal with them. As you know, there are always people who break the law and violate the rights of others to make more profit, and cyberspace and the Internet are not free of such people. Phishing is a term used to describe a group of attacks aimed at gaining access to the confidential information of others. One of the most important pieces of information that attackers usually look for is the password of different accounts. In addition, usernames, bank account numbers, dates of birth and many other pieces of confidential information are among the things that phishing websites are looking for.


What are the different techniques of phishing attacks?

Here are some phishing techniques and the risks they carry, which will also help you understand what phishing means:

The phisher (attacker) creates a malicious page and directs users to that page through various means (such as email). Once the user trusts the page, they are asked to enter their confidential information on it. For example, for an online purchase, the phisher guides the user to a malicious link and has them enter their bank account information on that page in order to carry out bank account phishing.

Spear phishing

In this method, the attacker tries to gather as much information about the victim as possible in order to gain their trust. 91% of phishing scams use this method. This method applies to groups: instead of sending emails to thousands of users, the phisher sends so-called bulk emails (emails to a specific group that they have already identified).

Clone Phishing

In this method, the phisher obtains an email sent by a company and replaces the links in it with links of their own. They then send the email to users of the same company.

Rogue Wi-Fi or Wireless Phishing

The attacker sets up an access point offering free internet, gains control over all the users who connect to it, and tries to steal their confidential information.

Link manipulation

In this method, the phisher sends the user a link that is wrong but looks similar to the real one.

For example, imagine that you want to exchange WebMoney for Perfect Money on PayPax: instead of the link paypax.io, the address paypex.io is sent to you.

Filter evasion

Phishers have recently started using images instead of links, which makes detection harder for anti-phishing filters.

Phone phishing

Not all phishing happens on the Internet. Recently, phishing through text messages or phone calls has also become very common. In this method, the user receives messages that appear to come from the bank and ask them to dial a specific number, for example because of a problem with their account. After the user dials the number (which belongs to the phisher and is provided by a VoIP service), they are asked to enter their second account number and password. Alternatively, an SMS asks the user to go to an ATM to receive a gift and to enter codes using the English-language menu of the machine. The result is a transfer of money to the phisher's account.

Evil Twins

This is one of the methods that is difficult to detect. An attacker sets up an internet connection in a public place under the name of that place. Users connect to it by mistake, and through it the attacker gains access to their personal information.

Of course, there are other phishing methods, such as whaling, website forgery and tabnabbing.

For a user who regularly uses eBay or any other online service, this email can look like an ordinary request to provide their user information. Of course, phishing emails exist to steal information such as usernames, passwords, bank account details and so on.


What is email phishing?

Because phishing emails are sent in bulk, their senders have no idea who you are. For example:

An email that appears to come from PayPax arrives, telling the victim that their account has been compromised and will be deactivated unless they confirm their credit card details.

The link in the phishing email takes the victim to a fake PayPax website, and the stolen credit card information is used to commit further crimes.

How to prevent email phishing?

  • Reputable companies never misspell emails.
  • If a company asks you to correct your information because of a disruption, it will definitely mention your username or account information. In the example above, the email simply says "eBay customer"; if this email were really from eBay, it would definitely use your username.
  • Such emails usually set a deadline. In the example above, the user is asked to log in and change their user information within the next 24 hours.
  • Although phishing emails get better every day at hiding links, they usually come with a list of links that have nothing to do with the company's site. In the example above: com / ebay is not an eBay address but a fake address with the name eBay in it.

Topics commonly mentioned in phishing emails

  • Account problems, such as password expiration, account hacking or the expiry of your account, as a reason why you need to update your account.
  • Confirmation of user information: you are asked to log in to the system through their link and confirm your information.
  • Credit card or other personal information, for example a claim that your information has been stolen or that you need to change your password.

Pharming vs. Phishing

In pharming, a large number of users are attacked and become victims. In this case, there is no need to confirm the victim user on the victimized system and no need to send emails to users one by one. Pharming is done by modifying the hosts file on the victim's computer or by exploiting vulnerabilities in the DNS server.
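Because pharming through the hosts file leaves a visible trace, the file can be audited. The following is an added example, not part of the original article: it parses hosts-file text and reports every entry that pins a watched domain, or one of its subdomains, to a fixed address. The watch list and the sample file content are constructed for illustration.

```python
import ipaddress

# Constructed watch list: domains whose addresses should only come from DNS.
WATCHED = ("paypax.io", "ebay.com")

def audit_hosts(text, watched=WATCHED):
    """Return (line number, host name, address) for hosts-file entries that
    pin a watched domain, or one of its subdomains, to a fixed address."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()        # drop comments
        if not line:
            continue
        address, *names = line.split()
        try:
            ip = ipaddress.ip_address(address)
        except ValueError:
            continue                               # not a valid entry
        for name in names:
            name = name.lower().rstrip(".")
            if any(name == d or name.endswith("." + d) for d in watched):
                findings.append((lineno, name, str(ip)))
    return findings

# Constructed hosts-file content; addresses are from documentation ranges.
SAMPLE_HOSTS = """\
127.0.0.1      localhost
::1            localhost
# 198.51.100.9 paypax.io
198.51.100.23  paypax.io www.paypax.io   # entry added by malware
192.0.2.10     intranet.example
"""

def load_system_hosts():
    """Read the real hosts file (Linux/macOS path, then the usual Windows path)."""
    for path in ("/etc/hosts", r"C:\Windows\System32\drivers\etc\hosts"):
        try:
            with open(path, encoding="utf-8", errors="replace") as fh:
                return fh.read()
        except OSError:
            continue
    return ""

if __name__ == "__main__":
    for lineno, name, ip in audit_hosts(SAMPLE_HOSTS):
        print(f"line {lineno}: {name} is pinned to {ip}")
```

To check a real machine, pass the result of load_system_hosts() to audit_hosts(); an empty result means no watched domain is overridden locally, which says nothing about the DNS server side of pharming.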


Several ways to detect phishing attacks

In order to be able to deal with phishing attacks well, we need to know them first. Here are some ways to detect a phishing attack:

Check for a secure connection: Pay attention to the address bar when you open a web page for online payment. Make sure the page address starts with a lock icon or https:// on the left side of the address bar. The presence of these signs gives considerable reassurance that the website is not fake, but note that this check is not 100% reliable, because a fraudulent site can also be served over HTTPS. There are other things to keep in mind.

Carefully study and check the domain address of the website: Sometimes attackers only add or remove one or two letters from the original domain address to make the fake URL look normal. So make sure that the URL written after https:// or the lock icon exactly matches the URL of the main website.

Play the role of a forgetful person! When entering account information for online payment, pretend that you have forgotten it and enter incorrect information. For example, enter the card number, the CVV2 number or other details incorrectly. The genuine website detects the inaccurate information and warns you about it, while the fraudulent website, because it is not connected to the central bank system, does not notice the error and does not show you an error message. This way you will easily notice that the website is fraudulent.

Get help from software: You can install an anti-phishing extension in your browser. In this way, most of the checks are done by the extension. The extension automatically checks the authenticity of the website, and if the website is detected as fraudulent, a warning message is displayed.

Refresh the payment page: As you know, many payment pages use an on-screen keypad with the numbers in shuffled order for more security. One simple sign is that refreshing a scam page does not change the placement of the numbers on the keypad.
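The domain check described above, and the paypax.io versus paypex.io example from the link manipulation section, can be done mechanically. The following is an added example, not part of the original article: it compares the host of a URL against a short list of trusted domains and flags hosts that differ from a trusted one by only one or two letters. The trusted list, the function names and the distance threshold of 2 are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Constructed allowlist: the sites this user really does business with.
TRUSTED = ("ebay.com", "paypax.io")

def edit_distance(a, b):
    """Levenshtein distance: minimum inserts, deletes and substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # drop ca
                           cur[j - 1] + 1,             # add cb
                           prev[j - 1] + (ca != cb)))  # replace ca with cb
        prev = cur
    return prev[-1]

def host_of(url):
    """Lower-cased host name of a URL; a bare 'example.com/path' is accepted."""
    if "://" not in url:
        url = "https://" + url
    return (urlsplit(url).hostname or "").rstrip(".")

def classify(url, max_distance=2):
    """Return ('trusted' | 'lookalike' | 'unknown', matched trusted domain or None)."""
    host = host_of(url)
    for good in TRUSTED:
        if host == good or host.endswith("." + good):
            return ("trusted", good)
    for good in TRUSTED:
        # Compare only as many trailing labels as the trusted domain has, so
        # "www.paypex.io" is judged by "paypex.io".
        tail = ".".join(host.split(".")[-(good.count(".") + 1):])
        if edit_distance(tail, good) <= max_distance:
            return ("lookalike", good)
    return ("unknown", None)

if __name__ == "__main__":
    for url in ("https://paypax.io/exchange", "https://paypex.io/exchange",
                "https://www.paypaxx.io/login", "https://example.org/"):
        print(url, classify(url))
```

With very short domain names a threshold of 2 can flag unrelated legitimate sites, so a "lookalike" result is a prompt to look closely, not proof of fraud.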

How to prevent phishing attacks?

Now that we have some ways to detect a phishing attack, it's time to deal with it. Applying these detection methods is the most important step in preventing such attacks. However, there are other things you can do to help prevent phishing attacks. Some of these measures are:

  1. Never log in through links you receive by email. Instead of following the link provided in the email, type the company name manually and go to its website. In the example above, instead of entering a fake URL, you can enter the “com” yourself and log in to your account.
  2. Never send your personal information via email. If the company asks you to send your confidential information or announces that your account is inaccessible, go to the company's page, log in and send the information through it.
  3. Never enter your information on unreliable websites. For websites where you are going to enter your banking information, first make sure that the site has an SSL certificate or that its address starts with HTTPS. All websites can secure their site against such cases by purchasing SSL.
  4. Attackers often use tempting material to deceive you. For example, they send offers such as bank loans, gifts, online auctions, and so on. Our advice is not to get excited and not to click on any link with these titles.
  5. Use a dedicated bank card for online purchases: Try to keep this card empty and only transfer the required amount of money to it at the time of purchase. Of course, we remind you that the best way is to learn how to detect phishing attacks, recognize fake pages and not open any unknown links.

 




