Jump to content

Phishing: Difference between revisions

From ICANNWiki
Short overview, Phishing history, Types of phishing practices, protection against phishing practices
 
Jessica (talk | contribs)
No edit summary
 
(15 intermediate revisions by 6 users not shown)
Line 1: Line 1:
'''Phishing''' represents the fraudulent acquisition by means of deception of personal and financial information like credit card information and passwords. <ref>[http://www.wordiq.com/definition/Phishing Phishing definition]</ref>
'''Phishing''' represents the fraudulent acquisition of personal and financial information like credit card information and passwords.<ref>[http://www.wordiq.com/definition/Phishing Phishing definition]</ref>


==Short overview==
The theft of financial and personal data is achieved through deceptive means such as fraudulent emails and copies of legitimate websites.<ref>[http://dictionary.reference.com/browse/phishing Phishing features]</ref> Brand spoofing and carding are forms of phishing.
Simply put,  the extraction of financial and personal data is achieved by means of phishing practices through  fraudulent emails and legitimate website copies. This is a very dangerous form of theft practiced over the Internet. <ref>[http://dictionary.reference.com/browse/phishing Phishing features]</ref>


The practice of phishing is similar to "brand spoofing" or "carding" depending on the method used to deceive Internet users. In other words, practices such as brand spoofing or carding are forms of phishing.
==Spear Phishing==
Spear phishing is a type of phishing attack that targets specific individuals or organizations through malicious emails in order to steal sensitive information like login credentials or to infect the targets’ device with [[malware]]. The attack appears to be from trusted senders and it uses [[Social Engineering Attacks|social engineering]] techniques to urge the victim to click on a malicious link or attachment. Whereas phishing attacks, in general, prioritize quantity, spear phishing prioritizes quantity. In that same vein, a whaling attack prioritizes C-level targets within an organization.<ref>[https://www.crowdstrike.com/cybersecurity-101/phishing/spear-phishing/ Spear Phishing, Crowdstrike]</ref>


==Phishing history==
==Phishing History==
The phishing scams first appeared during the 1990's when hacking into AOL started. There were a set of emails which seemed to come from AOL but were actually sent by a hacker. These emails requested users to update their personal and financial information so that many people exposed personal information which was later used by hackers.  
Phishing scams first appeared during the 1990s on AOL. Emails that appeared to come from AOL but were actually from a hacker who requested users to update their personal and financial information via email, causing many people to expose their information, which was then abused by the hacker. The problem was that at that time AOL permitted the creation of a fake account by means of a credit card generator, but after these attacks AOL had to change this technique.<ref>[http://www.allspammedup.com/2009/02/history-of-phishing/ Phishing history]</ref>


The phishing attacks expanded soon with Paypal methods and other such organizations and websites which dealt with online payments. This is when the need for secured payment applications was highly required.  
Phishing attacks expanded quickly with the use of PayPal and other such organizations and websites using online payments. These attacks motivated the creation of secure payment applications. The term "phishing" was coined in 1996, and hacked accounts were known as "phish".


==Types of phishing practices==
===Cybersquatting===
According to [[APWG|The Anti-Phishing Working Group]], the number of [[cybersquatting|cybersquatted]] domain names used in conjunction with [[phishing]] fell to only 2% of attacks in 2012. A report identified 64,204 phishing domains in total, of which only 12% is suspected by APWG as being [[Malicious Domain|registered by the phishers]]. The rest were [[Compromised Domain|compromised accounts]] owned by third parties. More than half of phisher-owned domains were in [[.tk]], a registry that offers free registration.<ref>[http://domainincite.com/10861-only-2-of-phishing-attacks-use-cybersquatted-domain-names Only 2% of phishing attacks use cybersquatted domain names]. Published 2012 October 25. Retrieved 2012 November 13.</ref>
 
===Combating Phishing with Next Generation Passwordless Authentication===
"WinMagic's MagicEndpoint Passwordless Multifactor Authentication will ensure your systems are secure and easy to access. Turn regular devices into security keys. <ref>[https://www.winmagic.com/products/passwordless-authentication Winmagic]</ref>
 
==Types of Phishing Practices==
Phishing involves the following:
Phishing involves the following:
* The possibility of introducing a virus attack
* The possibility of introducing a virus attack
* The development of a legitimate website copy
* The development of a legitimate website copy
* By means of instant messaging
* Session Hijacking
* Fooling Internet users to submit financial and personal data or passwords
* Fooling Internet users to submit financial and personal data or passwords
* Emails that claim to be sent on behalf of well-known organizations.  
* Emails that claim to be sent on behalf of well-known organizations  
* Voice phishing is a rather new form of phishing: the hacker simply replaces the website with a telephone number so that users will receive an email from their favorite websites and they are requested to call a specific number and update their information. How to hackers determine favorite or highly-visited websites? By installing a spyware into the computer or hacking the website. <ref>[http://www.spamlaws.com/voice-and-spear-phishing.html Voice phishing]</ref>
* Data Theft
* Tabnabbing: takes advantage of multiple tabs which Internet users may frequently use and redirects the Internet user to the wrong website.
* DNS-Based Phishing also referred to as "Pharming" <ref>[http://pcworld.about.com/od/emailsecurity/Types-of-Phishing-Attacks.htm Phishing types]</ref>
* Pop-up windows which may appear from legitimate and original websites but request financial and credential information to be supplied.  
* Voice phishing, which is a rather new form of phishing: users will receive an email allegedly from their favorite websites and will be requested to call a fraudulent number and update their information, which will then be stolen by the hacker.<ref>[http://www.spamlaws.com/voice-and-spear-phishing.html Voice phishing]</ref>
* Tabnabbing, which takes advantage of multiple tabs that Internet users may frequently use and redirects the Internet user to the wrong website. <ref>[http://www.crustiz.com/web-2-0/tabnagging-new-phishing-attack/ Tabnagging]</ref>
* Pop-up windows which may appear from legitimate and original websites but request financial and credential information.


==Protection against phishing practices==
==Protection against Phishing Practices==
In order avoid being a victim of such phishing practices, the Internet users should take the following aspects into consideration:
In order to avoid being a victim of phishing, Internet users should take the following into consideration:
# Avoid or delete mass emails
# Avoid or delete mass emails
# Install a anti-phishing software
# Install anti-phishing software
# Avoid password authentication services
# Avoid password authentication services
# Ignore emails requesting financial information updates  
# Ignore emails requesting financial information updates  
# Use spam filters to eliminate phishing emails. This solution relies on natural language processing methods and is able to substantially reduce the amount of phishing emails.  
# Use spam filters to eliminate phishing emails. This solution relies on natural language processing methods and is able to substantially reduce the number of phishing emails.  
# Do not trust impersonal emails
# Do not trust impersonal emails
# Suspicion regarding email links
# Be suspicious regarding email links
# When submitting credit card information is important to make sure the user is accessing a secure website with secure payment <ref>[http://www.anti-phishing.info/avoid-phishing.html Phishing protection]</ref>
# Submit credit card information only on secure websites with secure payment options.<ref>[http://www.anti-phishing.info/avoid-phishing.html Phishing protection]</ref>
 
==Trajectories==
In the early 2020s, phishing began growing in popularity among [[Threat Actor|threat actors]] even as [[DNS Abuse]] in general appeared to trend down.<ref>[https://www.icann.org/en/system/files/files/last-four-years-retrospect-brief-review-dns-abuse-trends-22mar22-en.pdf DNS Abuse Trends Retrospective, ICANN Files]</ref>
 
On July 19, 2022, [[Interisle Consulting]] reported that:
* phishing attacks were up by 61 % over the previous year,
* phishing reporting went up by 72 %,
* 76% of domains for phishing were registered with nTLDs (34% were split between [[.com]] and [[.net]], 
* phishers are targeting big tech brands, and
* cryptocurrency phishing increased by 257 %.<ref>[https://interisle.net/PhishingLandscape2022-ExecutiveSummary.pdf 2022 Phishing Landscape Executive Summary, Interisle]</ref>  


==References==
==References==
{{Reflist}}
{{Reflist}}


[[Category: Glossary]]
 
[[Category:DNS Abuse]]
__NOTOC__

Latest revision as of 16:18, 5 August 2022

Phishing represents the fraudulent acquisition of personal and financial information like credit card information and passwords.[1]

The theft of financial and personal data is achieved through deceptive means such as fraudulent emails and copies of legitimate websites.[2] Brand spoofing and carding are forms of phishing.

Spear Phishing

Spear phishing is a type of phishing attack that targets specific individuals or organizations through malicious emails in order to steal sensitive information like login credentials or to infect the targets’ device with malware. The attack appears to be from trusted senders and it uses social engineering techniques to urge the victim to click on a malicious link or attachment. Whereas phishing attacks, in general, prioritize quantity, spear phishing prioritizes quantity. In that same vein, a whaling attack prioritizes C-level targets within an organization.[3]

Phishing History

Phishing scams first appeared during the 1990s on AOL. Emails that appeared to come from AOL but were actually from a hacker who requested users to update their personal and financial information via email, causing many people to expose their information, which was then abused by the hacker. The problem was that at that time AOL permitted the creation of a fake account by means of a credit card generator, but after these attacks AOL had to change this technique.[4]

Phishing attacks expanded quickly with the use of PayPal and other such organizations and websites using online payments. These attacks motivated the creation of secure payment applications. The term "phishing" was coined in 1996, and hacked accounts were known as "phish".

Cybersquatting

According to The Anti-Phishing Working Group, the number of cybersquatted domain names used in conjunction with phishing fell to only 2% of attacks in 2012. A report identified 64,204 phishing domains in total, of which only 12% is suspected by APWG as being registered by the phishers. The rest were compromised accounts owned by third parties. More than half of phisher-owned domains were in .tk, a registry that offers free registration.[5]

Combating Phishing with Next Generation Passwordless Authentication

"WinMagic's MagicEndpoint Passwordless Multifactor Authentication will ensure your systems are secure and easy to access. Turn regular devices into security keys. [6]

Types of Phishing Practices

Phishing involves the following:

  • The possibility of introducing a virus attack
  • The development of a legitimate website copy
  • Session Hijacking
  • Fooling Internet users to submit financial and personal data or passwords
  • Emails that claim to be sent on behalf of well-known organizations
  • Data Theft
  • DNS-Based Phishing also referred to as "Pharming" [7]
  • Voice phishing, which is a rather new form of phishing: users will receive an email allegedly from their favorite websites and will be requested to call a fraudulent number and update their information, which will then be stolen by the hacker.[8]
  • Tabnabbing, which takes advantage of multiple tabs that Internet users may frequently use and redirects the Internet user to the wrong website. [9]
  • Pop-up windows which may appear from legitimate and original websites but request financial and credential information.

Protection against Phishing Practices

In order to avoid being a victim of phishing, Internet users should take the following into consideration:

  1. Avoid or delete mass emails
  2. Install anti-phishing software
  3. Avoid password authentication services
  4. Ignore emails requesting financial information updates
  5. Use spam filters to eliminate phishing emails. This solution relies on natural language processing methods and is able to substantially reduce the number of phishing emails.
  6. Do not trust impersonal emails
  7. Be suspicious regarding email links
  8. Submit credit card information only on secure websites with secure payment options.[10]

Trajectories

In the early 2020s, phishing began growing in popularity among threat actors even as DNS Abuse in general appeared to trend down.[11]

On July 19, 2022, Interisle Consulting reported that:

  • phishing attacks were up by 61 % over the previous year,
  • phishing reporting went up by 72 %,
  • 76% of domains for phishing were registered with nTLDs (34% were split between .com and .net,
  • phishers are targeting big tech brands, and
  • cryptocurrency phishing increased by 257 %.[12]

References