What is Phishing: What is Phishing

Wednesday, November 18, 2015

What is Phishing

What is Phishing

A form of Social engineering that is the technique of deceiving others into divulging information that they wouldn’t normally share

When internet fraudsters impersonate a business to trick you into giving out your personal information, it’s called phishing. Don't reply to email, text, or pop-up messages that ask for your personal or financial information. Don’t click on links within them either – even if the message seems to be from an organization you trust. It isn’t. Legitimate businesses don’t ask you to send sensitive information through insecure channels.

Examples of Phishing Messages

You open an email or text, and see a message like this:

"We suspect an unauthorized transaction on your account. To ensure that your account is not compromised, please click the link below and confirm your identity."

"During our regular verification of accounts, we couldn't verify your information. Please click here to update and verify your information."

“Our records indicate that your account was overcharged. You must call us within 7 days to receive your refund.”

The senders are phishing for your information so they can use it to commit fraud.

Phishing and web app security problems remain the most common way for hackers to gain access to sensitive information, according to US telco giant Verizon.

Two out of three breaches were the result of weak or swiped passwords, making a case for strong two-factor authentication, the latest edition of Verizon’s annual Data Breach Investigations Report suggested.

The study put 2,122 confirmed breaches across 61 countries under the microscope. Many of these breaches traced their roots back to successful phishing attacks.

Around one in four (23 per cent) of recipients opened phishing messages, while more than one in 10 (11 per cent) of recipients clicked on attachments. Half (50 per cent) of successful phishing attacks involved emails that were opened in the first hour after their receipt. Corporate hackers often targeted lawyers, marketing staff and human resources within corporate environments in phishing runs because these departments regularly deal with a lot of email, according to Verizon.

The top three industries affected were the same as previous years: public sector, technology and financial services.

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)