Answer To: The risk to organizations from a network attack has increased exponentially. Threats can occur at...
Soumi answered on Mar 02 2021
PHISHING ATTACK, THEIR TYPES AND THREATS
Table of Contents
1. Introduction to Phishing Attacks and their Impacts on Society 3
2. Three Recent Variants of Phishing Attack 3
3. Working Mechanism of Phishing 3
4. Potential Threats posed by Phishing 4
5. Summary 5
6. References 6
1. Introduction to Phishing Attacks and their Impacts on Society
With the positive benefits of digital technology comes its disadvantages in form cybercrime that is ‘Phishing’. As stated by Chaudhry, Chaudhry and Rittenhouse (2016), phishing can be defined as a form of cybercrime, which targets to deceive the users by asking them to provide their personal or financial details or luring them to send money directly to the hacker or attacker. Social engineering techniques are exploited in order to steal information related to usernames, passwords, credit card numbers, banking transactions, which lead to serious consequences in form of financial loss and a serious compromise towards national security, loss of intellectual property or customer’s sensitive information (Aleroud and Zhou, 2017).
2. Three Recent Variants of Phishing Attack
Fraudulent site in China CITIC Bank International Limited – Hypertext markup language (html) sites are an easier way for attackers. Hong Kong Monetary Authority (HKMA), on 17 December 2018, generated a press release regarding a website ‘www.citichina.org’ that was fraudulent and warned the people, who may have provided any personal information or have done online banking with this website, to contact their respective banks or cyber security department (Press Releases, 2019).
Messaging Applications- Since phishing using e-mail has been highly successful for attackers during the previous years, 2019 has experienced more attacks from messaging applications instead of e-mails since users have been made aware of malicious and suspicious mails. However, users are found to be overly trusting when using these applications. Skype, Teams, Facebook messenger are some commonly used messaging apps but they do not have built in security measures as malware detection, link scanning and thus become an effective mode used by attackers (Landewe, 2019).
Phishing via Shared files– Due to auto scanning systems provided by most of mailing systems, attackers are now embedding malicious links within shared files and post them on trusted site like Dropbox, G suite and Box. E-mail sent by the attacker will be containing this shared file and thus will not seem suspicious but it will...