
• Compromising the System

• Analyzing current trends


• Exploiting a vulnerability
• Zero-day
• Performing the steps to compromise a system

PHISHING

➢ Phishing attacks involve the technique of delivering fake messages that seem to
be from a reliable source.
➢ It is normally done via email.
➢ The intention is to steal private information, such as credit card numbers and
login credentials, or to infect the victim's computer with malware.

HOW DOES PHISHING WORK?


➢ Phishing may be used as either the start of an attack or the actual attack.
➢ It begins with a deceptive email or other communication designed to attract a
target.
➢ The sender of the message is designed to appear reliable in order to fool
recipients.
➢ If it succeeds in fooling the victim, that person may be convinced to disclose private
information, frequently on a malicious website.
➢ Sometimes malware is also downloaded onto the target’s computer.

DANGERS OF PHISHING ATTACKS


➢ MONEY. Attackers may be content to get a victim's credit card number or other
personal information in exchange for money.
➢ THEFT. Phishing emails are intended to gather employee login credentials or
other information for use in a targeted attack on a particular company.
➢ REPUTATION. Phishing attacks may seriously harm a company's reputation.
Cybercriminals can access private data by obtaining logins and passwords.
Cyberattacks like this might damage your reputation if you handle the sensitive
information of your consumers.
➢ NEW ATTACKS. Email phishing attacks that seem insignificant at first may open
the door to future phishing fraud.
➢ LEGAL CONSEQUENCES. You may be subject to serious penalties and even
legal action if an attacker obtains private customer information during the attack.

TYPES OF PHISHING

• Deceptive phishing

➢ In deceptive phishing, the attacker tries to get the victims to provide sensitive
information. Attackers exploit the data to commit financial crimes or carry out other types
of offenses.
➢ Example: A fake email from a bank asking you to click a link and verify your account
details

• Spear phishing

➢ Instead of focusing on a large population, spear phishing targets specific individuals.
➢ Attackers frequently conduct online and offline research on their targets.
➢ They may then personalize their messaging and seem more genuine.
➢ Spear phishing is frequently the initial stage of a targeted attack to get past a
company's defenses.
➢ Example: A message which looks like a Twitter security alert. "The message
informs the user that their account was accessed in Russia, and they should
reset their password using the link. That link leads to a fake password reset
where it will just collect the current credentials and then steal the account."

• Whaling

➢ Whaling is the term for when attackers target a "big fish," such as a CEO.
➢ Attackers frequently invest a lot of time analyzing the victim to determine the best
time and method for acquiring login information.
➢ High-level executives' access to a lot of business knowledge makes whaling a
more serious problem.
➢ Example: Kaitlyn is the CFO in this potential whaling attack, and she is the target.

• Pharming

➢ Pharming directs people to a fake website that seems official.


➢ In this instance, users are directed to the malicious website without even having to
click on a malicious link.
➢ Even if the user types in the right URL, attackers can control either the user's computer or
the website's DNS server and route them to a fake website.
➢ Example: Microsoft (2007): 50 financial institutions found themselves to be the recipients
of a pharming attack that exploited a Microsoft vulnerability, creating fraudulent websites
that mimicked the targeted bank sites.

HOW DO I PROTECT AGAINST PHISHING ATTACKS?

• User Education

➢ Everyone should be involved in phishing awareness.
➢ Teach everyone how to identify phishing emails and what to do if they encounter
one.
➢ Exercises that simulate phishing attacks are essential for assessing how you will
respond to one.

• Security Technology

➢ To decrease the number of attacks and lessen their impact when they do happen,
businesses must implement a layered strategy.
➢ The following network security technologies should be used: access control, malware
protection, email and online security, and malware detection.
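
As one concrete piece of the email security layer, the following added example (not part of the original material) checks a single message for three signs of the deceptive emails described above: a Reply-To domain that differs from the sender, SPF/DKIM/DMARC results that did not pass, and a link whose visible text shows one site while its target is another. The sample message, all domains, and the names `triage` and `LinkCollector` are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample message; every address and domain is a placeholder.
SAMPLE = """\
From: "Example Bank Security" <alerts@examplebank-secure.test>
Reply-To: support@collect-mail.test
Subject: Verify your account details
Authentication-Results: mx.corp.test; spf=fail; dkim=none; dmarc=fail
Content-Type: text/html; charset="utf-8"

<p>Please <a href="http://login.examplebank-secure.test/verify">https://www.examplebank.test/login</a> to verify your account.</p>
"""

class LinkCollector(HTMLParser):  # gathers (href, visible text) for each <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def triage(raw):
    """Return a list of phishing indicators found in one raw email."""
    msg, findings = message_from_string(raw), []
    from_dom = parseaddr(msg.get("From", ""))[1].rsplit("@", 1)[-1].lower()
    reply_dom = parseaddr(msg.get("Reply-To", ""))[1].rsplit("@", 1)[-1].lower()
    if reply_dom and reply_dom != from_dom:  # replies go somewhere else
        findings.append("reply-to-domain-mismatch")
    auth = msg.get("Authentication-Results", "")  # verdicts set by the receiving server
    findings += [f"{m}-not-pass" for m in ("spf", "dkim", "dmarc")
                 if not re.search(rf"\b{m}=pass\b", auth, re.I)]
    parser = LinkCollector()
    parser.feed(msg.get_payload(decode=True).decode("utf-8", "replace"))
    for href, text in parser.links:
        shown, real = urlparse(text).hostname, urlparse(href).hostname
        if shown and shown != real:  # text shows one site, href goes to another
            findings.append(f"link-text-mismatch:{shown}->{real}")
    return findings
```

Indicators like these are inputs for quarantine or user warnings; a message with none of them can still be phishing, which is why user education remains part of the layered strategy.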

Mobile Phone (iOS / Android attacks)

➢ Mobile phones today are far more popular than any other computing device. However,
mobile phone users tend to be unaware of the cyber threats they face. Therefore, it is very
easy for an attacker to compromise many mobile phones since users are unlikely to have
installed effective security tools.
➢ Recently, there have been numerous reports of mobile phone attacks on both Android and
iOS devices.

EXAMPLES

1. EXODUS
➢ This spyware is said to have been a wake-up call for many mobile phone users of iOS devices.
➢ The spyware was initially only effective against Android phones, but an iOS variant
soon appeared.
➢ The hackers behind Exodus used a mobile operator-style app. This attracted
users who wanted the quick and simple customer service the app promised.
➢ Some features of this spyware can collect user information, location information,
photos, and chat messages. This enables malicious people to commit identity theft
and open new accounts in others' names.

2. SENSOR ID
➢ In May 2019, University of Cambridge researchers discovered an unconventional
operating system fingerprinting attack targeting both iOS and Android devices.
➢ This attack could track a user's browsing activity on a particular device over time.
➢ Sensor ID, unlike other user fingerprinting attacks, cannot be undone by performing a
factory reset, deleting cookies, or switching browsers. This is what makes it particularly
effective.

3. IPHONE HACK BY CELLEBRITE
➢ It can access app data such as chats, emails, attachments, and previously deleted
data.
➢ Cellebrite said these services are meant only to help law enforcement find
incriminating evidence from suspects' phones through unconventional means.

4. SPEARPHONE (LOUDSPEAKER DATA CAPTURE ON ANDROID)


➢ In July 2019, a new Android attack emerged that allows hackers to eavesdrop on voice
calls, especially in speaker mode.
➢ The attack was clever and did not require the user to give permission to the hacker.
➢ The attack takes advantage of the phone's accelerometer, a motion sensor that can
be accessed by any program installed on the device.
➢ The accelerometer on your device can detect even the smallest movement. When you
accept a call and switch to speaker mode, the accelerometer picks up the phone's
vibrations.
➢ In addition to voice calls, Spearphone can spy on video, audio and multimedia
information played without headphones.

5. MAN-IN-THE-DISK
➢ In August 2018, a new type of attack was reported that could crash Android phones.
➢ An attacker can observe how data is transmitted between your app and your external
storage space and modify that data to create inappropriate behavior in the app.
➢ It may also be used to allow hackers to execute malicious code by taking advantage
of the privileged contexts of attacked programs.
➢ Attackers can also use it to perform hidden installation of applications.
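
A common defence against this class of attack is to treat anything read back from external storage as untrusted input and verify it before use. The sketch below is an added example, not part of the original material: two temporary directories stand in for Android's shared external storage and the app's private internal storage, Python is used only as a neutral way to show the logic, and the function names and file contents are constructed for illustration.

```python
import hashlib
import hmac
import tempfile
from pathlib import Path

def save_shared(shared: Path, private: Path, name: str, data: bytes) -> None:
    """Write data to shared storage and record its SHA-256 in private storage."""
    (private / (name + ".sha256")).write_text(hashlib.sha256(data).hexdigest())
    (shared / name).write_bytes(data)

def load_shared(shared: Path, private: Path, name: str) -> bytes:
    """Return the file's bytes only if they still match the recorded digest."""
    data = (shared / name).read_bytes()  # read once; verify the exact bytes used
    expected = (private / (name + ".sha256")).read_text()
    if not hmac.compare_digest(hashlib.sha256(data).hexdigest(), expected):
        raise ValueError(f"{name}: changed on shared storage, refusing to use it")
    return data

def demo():
    """Round-trip a file, then tamper with the shared copy and reload it."""
    with tempfile.TemporaryDirectory() as root:
        shared, private = Path(root, "shared"), Path(root, "private")
        shared.mkdir()
        private.mkdir()
        original = b"update_server=updates.example.test\n"  # constructed sample
        save_shared(shared, private, "app.cfg", original)
        intact = load_shared(shared, private, "app.cfg") == original
        # Constructed tampering: a different process rewrites the shared file.
        (shared / "app.cfg").write_bytes(b"update_server=other.example.test\n")
        try:
            load_shared(shared, private, "app.cfg")
            rejected = False
        except ValueError:
            rejected = True
        return intact, rejected
```

Reading the file once and verifying those same bytes matters: checking the file and then reading it again leaves a window in which the shared copy can be swapped.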