How to avoid getting “phish”ed?

Ever received an email or message asking you to click on a link? You clicked on it and it took you nowhere? Well, that's phishing. You might not have given it much thought, but cybercriminals use this simple process to steal your information.

Written by Freya Fannie
Illustrated by Megha Ramachandra
21.06.2022

What is ‘Phishing’?

In the computing world, phishing is just like fishing, except that the bait is a fraudulent message, and we are the reeled in fishes. Like a fisherman who knows what type of bait to use to reel in a specific fish, an attacker gathers as much information about you as they can before placing their bait. Particularly if you are a company's CEO, who is the most targeted.

How you get attacked?

The attack is the easiest part. The "phishing" messages often begin with a message that looks so convincing that it seems to be from a trusted source. This compels you to click the link which installs malware into your system. When you are hooked in like this, the attacker will have access to all your private information, including login credentials and credit card information which they can use against you.

How to prevent it?

Regularly updating security measures is important, and having the latest technologies in place can help. The most important thing is to be aware of these issues. Educating users and using layered security technologies are the best ways to protect your company from these cyber threats. A company's high-level employees are the most likely to be targeted, so educating them on how to recognize phishing emails is extremely important. Further, email security, malware protection, and web security are areas where you will need layered security technologies to protect against these threats.

Types of Phishing

Email Phishing

This is the most common type of phishing, in which an attacker sends a phony email pretending to be from a well-known company or a reliable source.

HTTPS Phishing

Attackers leverage HTTPS, which is often considered a safe link to click, to send users infectious links preferably via email

Angler Phishing

Social media is the most vulnerable and susceptible to Angler phishing. Attackers use notifications and direct messaging options to gain access to your device.

Spear Phishing

This is a more targeted strategy. The attacker gathers all publicly available information about the target and orchestrates the attack. These are primarily aimed at individuals within an organization and are delivered via emails, usernames, and office phone numbers.

Whaling

Whaling, also known as CEO fraud, targets an organization's senior executives. They impersonate the individual and can result in financial and legal consequences for the organization.

Smishing/Vishing

These are done through SMS and voice calls. The most common are bank alerts that require you to act immediately.

Conclusion

These are the most common types of phishing used by attackers to gain access to a system or device. However, there are more types that range up to cyberwarfare. So, in this digital era where cybersecurity is bleak, make sure to protect your systems with advanced software and educate people on issues like phishing.

Reach-out for jobs

Explore jobs
Contact Us

Have something good? Reach out to us.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.