HornetSecurity - Phishing in Detail
  • 23 Sep 2020

What is Phishing?

Phishing is a type of social engineering that mostly works via scam emails. Hackers use it to manipulate victims into a specific reaction, such as typing in a password or opening a malicious document. The cyber-criminals try to bypass a company’s email security by appealing to specific employees in a personal way. Phishing is not malware; it is a scam tactic that elite hackers keep in their toolbox to gain information or spread malware, breaching the security of companies without an extended amount of effort. How exactly does this technique work? How can you protect yourself?

The basic knowledge of phishing

First, you should know what social engineering is. In general, social engineering is applied social science, but it is better known as social manipulation or scamming. The offender uses psychological knowledge to manipulate the victim into doing what the offender wants. One technique is to pretend to be a colleague of the victim, for example by posing as a colleague from the system administration department and sending a scam email disguised as an email from the head of that department. The victim is far more willing to do what the hacker wants on their computer if they think the attacker is a colleague. Another method is to prepare a scam email that looks like an email from a company you trust, such as PayPal. The hacker uses this scam email to lure the victim into a trap and gain access to their PayPal account.

Phishing is a scam email attack in which cyber-criminals use the techniques discussed above. In general, there are two types of phishing attacks. In the first and easier method, the cyber-criminal doesn’t need much information about the victim. He sends out as many phishing emails as possible to as many recipients as possible. The underlying idea is that in a mass of people, someone will react the way the attacker wants, and the chance grows with every email sent. The other variation is called spear phishing. Spear phishing emails are much more personalized than normal phishing emails. The hacker targets one particular victim and manipulates them with emails into handing over the wanted data.

How does Phishing work?

Normally the goal of the cyber-criminal, also known as a phisher, is to obtain login credentials, mostly for services like PayPal or similar. Otherwise, they are usually attempting to steal credit card information. To reach this goal, they use phishing emails. These emails are often structured like an email from the real service (PayPal, etc.), which the hackers use to trick the user into giving up their login credentials. For example, they build an email that looks like an email from PayPal. In this email you are often asked to click on a link to type in a new password, because someone new logged in to your account or something similar. They can also use attached documents, in which case you are asked to open a file that mimics something like an invoice, with malware inside. This malware could track everything you do on your computer afterwards. It may sound a little paradoxical that phishing works with emails that would normally warn you about someone trying to get into your account. This is where the social engineering part becomes important. The moment you get an email saying that someone tried to get into your account, you are put under psychological stress. Imagine someone successfully stole your PayPal credentials: they could potentially have access to all of your money. The hackers use these thoughts to manipulate their victims.
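The brand-imitation pattern described above leaves traces a mail filter can check. The following is an added example, not part of the original article: the `BRANDS` allow-list, the `PRESSURE` phrases, the function names and the sample message are all assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumption: brand name -> domains the real service sends from and links to.
BRANDS = {"paypal": {"paypal.com"}}
# Assumption: phrases carrying the account-alarm pressure the article describes.
PRESSURE = ("new login", "logged in to your account", "reset your password")

# Constructed sample; example.net stands in for a domain the sender controls.
SAMPLE = """\
From: "PayPal Security" <alerts@paypal.example.net>
To: victim@example.org
Subject: New login to your account
Content-Type: text/html

<p>Someone new logged in to your account. Reset your password now:</p>
<a href="http://paypal.example.net/login">https://www.paypal.com/signin</a>
"""

def registrable(host):
    """Naive last-two-labels domain; production code should use the Public Suffix List."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def phishing_signals(raw):
    """Return a list of reasons a single-part HTML message looks like brand phishing."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    sender_dom = registrable(addr.rpartition("@")[2])
    body = msg.get_payload()
    text = (msg.get("Subject", "") + " " + body).lower()
    signals = []
    for brand, domains in BRANDS.items():
        if brand not in (display + " " + text).lower():
            continue  # message does not claim to be from this brand
        if sender_dom not in domains:
            signals.append(f"brand-mismatch-sender:{sender_dom}")
        for href, label in re.findall(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', body, re.I | re.S):
            link_dom = registrable(urlparse(href).hostname or "")
            if link_dom not in domains:
                signals.append(f"brand-mismatch-link:{link_dom}")
            label_host = urlparse(label.strip()).hostname
            if label_host and registrable(label_host) != link_dom:
                signals.append("link-text-differs-from-target")
    if any(p in text for p in PRESSURE):
        signals.append("account-alarm-pressure")
    return signals
```

The visible link text showing the real service while the `href` points elsewhere is the strongest of these signals; the pressure phrases alone also appear in genuine security notices and should only raise a score, not block a message.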

