5 most common Types of

Phishing Attack

1. Email phishing
The majority of phishing attacks are delivered via
email. The thief will register a bogus domain that
looks like a legitimate organization and send
thousands of generic requests. In some cases, the fraudsters create a unique
domain that includes the legitimate organization's name in the URL, such as
by placing "r" and "n" next to each other to create "rn" instead of "m."

2. Spear phishing
There are two other, more sophisticated, types of phishing involving email. The
first, spear phishing, describes malicious emails sent to a specific person.
Criminals who do this will already have some or all of the following
information about the victims:
Their name; RULES OF NETIQUETTE:
Place of employment;
Job title;

Watch Out for

Email address; and
Specific information about their job role. Phishing is a type of social engineering
3. Whaling in which an attacker sends a fraudulent
Whaling attacks are more subtle and targeted,
primarily aimed at senior executives. In this message in order to trick a person into Phishing
Scams
case, tricks like fake links and malicious URLs
are useless because criminals are
disclosing sensitive information. It can
impersonating senior staff. be used by cybercriminals to install
4. Smishing and vishing malicious software on the victim's
Smishing entails sending text messages, infrastructure, such as ransomware, or
whereas vishing entails having a phone Christine Joyce S. Dela Cruz
to steal financial and banking
conversation. Alerts from your bank alerting
you to suspicious activity are a common information.
11ABM-B
smishing pretext.
Every 20 seconds, a new phishing site is
5. Angler phishing created on the internet. Phishing attacks
Fake URLs, cloned websites, posts, and instant messaging can all be
used to trick users into disclosing sensitive information or
cause 90% of corporate security breaches.
downloading malware. Criminals, on the other hand, can create Every year, small and medium-sized
highly targeted attacks using the data that people willingly post on
social media. Criminals can use social media to trick people into
businesses lose an average of $1.6 million
clicking on links, including malicious links. while recovering from a phishing attack.

What is Phishing Scams?

 How To Recognize
Phishing
Scammers frequently use phishing attacks to try to steal your
passwords, account numbers, or Social Security numbers. They
could gain access to your email, bank, or other accounts if they
obtain that information. Alternatively, they may sell your
information to other scammers. Every day, scammers launch
thousands of phishing attacks.
Four Ways To Protect
Yourself From Phishing
1. Protect your computer by using security software. Set
the software to update automatically so it will deal with
any new security threats.
2. Protect your cell phone by setting software to update
automatically. These updates could give you critical
protection against security threats.
3. Protect your accounts by using multi-factor
authentication. Some accounts offer extra security by
requiring two or more credentials to log in to your
account. This is called multi-factor authentication. The
extra credentials you need to log in to your account fall
into three categories:
something you know — like a passcode, a PIN, or the
answer to a security question.
something you have — like a one-time verification
passcode you get by text, email, or from an
authenticator app; or a security key
something you are — like a scan of your fingerprint,
your retina, or your face
Multi-factor authentication makes it harder for scammers
to log in to your accounts if they do get your username
and password.
4. Protect your data by backing it up. Back up the data on
your computer to an external hard drive or in the cloud.
Back up the data on your phone, too.
Common Indicators of a
Phishing Attempt
1. Grammar and Spelling Errors
Phishing emails are frequently written by
untrustworthy third parties with no proofreading
or editing process. The presence of grammar and
spelling errors in the email content is a common
indicator of a phishing attempt. This means that
their servers do not have spell check features to
check for spelling and grammar errors.
2. Unfamiliar Tone
The unfamiliar tone of an email is one indication
that a phishing attempt is underway. It’s
important to note that there are several ways to
detect this, so it’s important to be aware of the
different types of unfamiliar tones. One way to
spot an unfamiliar tone is by noticing that the
email feels like it’s been created by someone who
doesn’t know you very well.
3. Receiving Email at an Unusual Time
If you receive an email at a time that is unusual for
you to be receiving emails from the sender, this is
another indicator.
4. Sense of Urgency
Another sign that an email is malicious is if it
threatens you or makes you feel like you have to
act quickly. This could be a warning about your
account being suspended, for example, or pressure
to respond within 24 hours or risk compromising
your security. If the message makes you feel like
something bad will happen if you don’t respond
quickly, this may be a phishing attempt.
5. Suspicious Attachments
A common indicator of a phishing attempt is a
suspicious attachment. The bad guys often use
phishing emails to send these attachments
because they know many people are curious
enough to open them and click on whatever links
or buttons they contain.These attachments may
be a Word document or zip file, for example. But if
you open the attachment and it’s malicious, it
could infect your computer with malware that
steals your login credentials. If you get an email
with a suspicious attachment, don’t click on it!
6. The Recipient Never Started the
Discussion
Phishing attempts are often initiated by scammers
or hackers who send emails to random people and
hope that someone falls for them. If you didn’t
initiate the conversation, then the email may be a
phishing attempt.
7. Abnormalities in Email Addresses,
Hyperlinks, and Domain Names
Phishing emails are often sent from an address that
is not consistent with the domain name or website
of the organization that is being impersonated. It is
also a good idea to check that the originating email
addresses match previous correspondence. If there
are hyperlinks in the email, hover over each one to
see what URL it will take you to.
8. Email Coded Entirely as a Hyperlink
Email coding is a new practice among fraudsters and
scammers. When an email is coded entirely as a
hyperlink, the whole email becomes clickable. This
means when a user clicks anywhere inside the email
message it takes them to the imposter page.