Before diving into details, let’s refresh on the general concepts around phishing.
Phishing is one of the most common forms of cyber-attack, and can be done though email, text message or voice call. It is the fraudulent act of sending messages disguised as genuine content from reputable sources in order to trick the recipient into revealing personal information, such as passwords, bank account and credit card details.
There are three main attack modes of Phishing:
The promise of a reward:
Takes advantage of people’s excitement and desire for free items and attractive deals and usually sound too good to be true.
Creates anxiety and panic in people in order to pressure them.
Posing as an authority figure:
Uses trust as a catalyst to extract the required information.
Here are some simple questions to ask yourself when you receive a suspicious email:
- Do I know the sender?
- Does this seem legitimate?
- Is it requesting internal information or something out of the ordinary?
- Are there suspicious attachments or links I am being asked to open?
Remember, never reveal personal or corporate information unless you are sure the request is genuine.
Categories: Reading Notes