Phishing has been the most popular tool attackers use to steal sensitive information since the beginning of the 2000s, and it still works in 2021.
Everyone, from the CEO of a company to an average user, is regularly targeted.
A successful phishing attack can yield confidential information that may then be used to commit fraud in your name, take over your accounts, or control your servers.
In a phishing scheme, attackers contact victims while disguised as trustworthy persons or institutions in order to steal their information.
For example, they may send you an email impersonating your bank service. Some attackers are exceptionally good at falsification; the email address and content of the message can look legitimate.
They may inform you that your account’s password was reset, you won a prize, you owe money, or another alarming message to prompt you to take immediate action.
The immediate action usually involves clicking on a malicious link they provide.
Once you click that link, it may redirect you to a fake webpage looking like the impersonated person’s official website. There, attackers can steal the sensitive information you input.
In other cases, the link triggers the download of malware to your system. Check our article about malware to learn more about this attack vector.
Attackers may also use typosquatting: domains under their control look remarkably similar to the legitimate ones, like www.facelook.com.
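As an added example (not code from the original post), here is a small Python check a defender might run over newly observed hostnames to flag look-alike domains such as www.facelook.com. The brand list and hostnames are constructed, and the registrable-label extraction assumes a single-label public suffix.

```python
# Constructed list of brands to protect; in practice this comes from your own inventory.
PROTECTED_BRANDS = ["facebook", "google", "bitninja"]

# Characters and digraphs commonly swapped for visually similar ones.
HOMOGLYPHS = {"0": "o", "1": "l", "3": "e", "5": "s", "rn": "m", "vv": "w"}


def normalize(label: str) -> str:
    """Lower-case a label and collapse common look-alike substitutions."""
    label = label.lower()
    for glyph, plain in HOMOGLYPHS.items():
        label = label.replace(glyph, plain)
    return label


def levenshtein(a: str, b: str) -> int:
    """Classic edit distance (insert, delete, substitute)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def registrable_label(host: str) -> str:
    """Second-level label, e.g. 'facelook' from 'www.facelook.com'.
    Assumption: single-label public suffix (no .co.uk style handling)."""
    parts = host.lower().rstrip(".").split(".")
    return parts[-2] if len(parts) >= 2 else parts[0]


def lookalike_brand(host: str):
    """Return the protected brand this host imitates, or None if it is
    either the genuine domain or unrelated to any protected brand."""
    raw = registrable_label(host)
    if raw in PROTECTED_BRANDS:
        return None  # the real domain, not a look-alike
    label = normalize(raw)
    for brand in PROTECTED_BRANDS:
        brand_n = normalize(brand)
        # brand embedded with extra words (facebook-login) or homoglyph copy (g00gle)
        if brand_n in label:
            return brand
        # typo squats: allow one edit for short brands, two for long ones
        budget = 2 if len(brand_n) >= 8 else 1
        if levenshtein(label, brand_n) <= budget:
            return brand
    return None
```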
But this modus operandi is not only employed by criminals! Companies and governmental intelligence agencies also use it for economic or political reasons. For example, this is how foreign ministries, embassies and even the Dalai Lama's Tibetan exile centers were compromised.
As with the attacks covered in previous articles, plenty of publicly available tools exist to perform phishing. Here's an example.
With your stolen information, the attacker may impersonate you on the target application.
If the attacker gets access to your bank service, they will then try to steal your money and cash out by
In recent years, we have registered an increasing number of botnet and ransomware attacks.
A botnet is a network of malware-infected devices that is controlled remotely by a botmaster. Botnets are usually used to perform Denial of Service (DoS) attacks. Learn more about DoS attacks by reading our article.
Botmasters mainly use phishing to recruit new machines into their networks.
Ransomware is a type of malware that encrypts all your files and demands that you pay a ransom to recover them. Again, phishing is typically what attackers use in the first place to infect your system.
Be very wary here! Attackers often use the following as phishing vectors:
Here are some hints indicating they may be fraudulent:
If you fell victim to this scheme, you may experience a broad range of symptoms. For example, you might find:
We can classify phishing attacks by the media employed and by their targets.
In Spear Phishing, the attack is focused on a single target. The individual is investigated first in order to craft a phishing message that is very likely to be trusted.
That is one of the reasons why you should be very careful about what you share on the internet, for example, on social media!
Whaling is a particular case of Spear Phishing in which the target is a high-profile individual, such as an executive or a famous person.
A remarkable example of a successful whaling attack is the case of an executive-level HR employee at Snapchat. The attacker posed as the company's CEO and obtained payroll information about the company's employees.
Vishing comes from Voice phISHING; the attacker tries to trick the victim over verbal communication channels like telephone or VoIP. This type of phishing was the most prevalent in the previous century.
Still, nowadays, phones are the second most common media employed by fraudsters.
Smishing comes from SMS phISHING. Here the medium used by the attackers is mobile phone text messages.
Smishing attacks related to Covid relief payments and fines have recently victimized people all over the world.
Here the medium used by the attacker is email. It is the most common type of phishing. This scheme works as we explained in the example from the first section.
Phishing has a high prevalence in cyberattack statistics. According to the Verizon Data Breach Digest, 90% of all data breaches involve phishing.
And phishing even seems to be on the rise. According to the FBI 2020 Internet Crime Report, phishing incidents more than doubled from 2019 to 2020.
Here are some tips to be safe!
Take your time; don't hurry to reply to an email prompting you to act immediately. Attackers will try to trigger your emotions so that you make a wrong decision fast.
For example, if you receive an email saying you won a prize, check on the internet whether the organization is trustworthy. Consider that if you didn't take part in a lottery, you couldn't have won.
If you receive a message from the government saying you owe money, contact the institution through its official channels to confirm.
Attackers rely on users clicking on malicious links in emails, social media, or pop-up ads that lead to fake websites they control or even malware installation.
Even if you receive an email from someone you trust, it could still have been sent by someone impersonating that person.
You may check if a website is trustworthy here and by researching in forums on the internet.
Web services usually have an option for enabling two-factor authentication (2FA). If you have it enabled, attackers won't be able to access your accounts even if they manage to retrieve your credentials.
According to Microsoft, multi-factor authentication can prevent 99.9% of account compromise attacks.
A spam filter is handy for separating legitimate emails from unwanted ones, and the rate of false positives is low.
The most popular webmail services such as Outlook, Gmail, and Yahoo Mail use this feature by default.
Using security software is important to prevent human errors from turning into a catastrophe. BitNinja has great features to protect you, even if you happened to click that link you shouldn't have…
BitNinja offers features backed by state-of-the-art technology in different areas:
Phishing has succeeded even against very high-profile targets. For example, in 2020, attackers got into Twitter administrative accounts.
They did so by employing a technique known as SIM swap fraud, which consists of using vishing to convince telecom company employees that the caller owns a particular phone number.
After that, they received the two-factor authentication messages needed to break into the desired accounts.
Once inside, the attackers had access to internal tools that enabled them to take control of any account. With that capability, they could impersonate famous users such as Barack Obama, Elon Musk and Bill Gates to send phishing messages with a bitcoin scam.
Yes, you can add IP addresses via your BitNinja Console, from the CLI, or through the API.
All changes are processed immediately, and your server is instantly protected with the updated security settings.
If necessary, you can also manage IP ranges and block countries and even ASNs with customized time frames to eliminate attacks from specific regions.
You can see the history of IP addresses and their details on your BitNinja Console in the Phishing Sites section.
Protect your servers from phishing and any threat. Cybersecurity is not optional anymore. It is a must! If you haven’t tried BitNinja yet, don’t forget to register for the 7-day free trial! No credit card is needed!
We are always happy to help you! If you have any questions, check out our Knowledgebase, feel free to ask at [email protected], or you can even reach us on the Dashboard chat!
Let’s make the internet a safer place together!
Start the 7-day free trial with full functionality without spending a cent.