The practice of phishing can be traced to the 1900s, when it was an ordinary attack
that did not require sophisticated tools such as programming languages (Java,
Python, C#), the creation of malware emails, the cloning of websites, phone-call
trickery and so on.
Phishers have now improved their attacks to the extent that they use unfamiliar
tools which network security controls such as firewalls, intrusion detection systems,
virtual private networks and intrusion prevention systems cannot easily detect. The
upgrade comes from new innovations in technology, as technology paves the way
for many things in the world. Phishers can go a long way in learning
programming skills to ensure that their mission is a success.
Phishing attacks comprise deceptive methods used to trick unwitting victims
into sharing sensitive information such as usernames and passwords, credit
card numbers or other personal details.
Commonly known Phishing Attacks include:
Email Phishing
Spear Phishing
Smishing
Vishing
Clone Phishing
Search Engine Phishing
Malware-Based Phishing
Which of these methods is used depends on how the phisher wants to trick the
unwitting victim into giving up sensitive information.
The Internet is a global place where many websites are hosted on servers, and
attackers take advantage of this to attack individuals by cloning a legitimate website
and passing the clone off as the real one. Not all websites on the internet are
genuine, as phishers use some of them to carry out their notorious activities.
Among the phishing attack methods, clone phishing is the most proficient way
phishers trick individuals into giving up sensitive information. It involves creating
fake copies of legitimate emails, websites or social profiles to trick users into
providing sensitive information.
The Blackeye tool contains fake copies of famous websites which pose as the
legitimate ones. Phishers use Blackeye to trick individuals into exposing their personal
details, which they then use to hack the individual.
2. DELIVER THE FAKE SITE TO TARGET: After the site has been created,
either using knowledge of a programming language or using the “BLACKEYE
TOOL”, the phisher sends the site to the targeted individual. This is done either by
sending an email containing a link to the illegitimate website posing as the legitimate
one, which redirects the individual to the fake website when the link is clicked, or by
embedding the link in a website so as to get the individual to click it.
EXAMPLE
Let us take, for instance, a fake Amazon site created with the “BLACKEYE TOOL”.
The site is delivered to the targeted victim in an email (such as “click here to
validate your email”) from a sender posing as Amazon staff. When the individual
sees it, the thought will be that it is a legitimate email direct from Amazon staff,
and the individual clicks on it. The click redirects the individual to the fake Amazon
site, while the phisher's screen notifies the phisher that the bait has been taken.
The unwitting victim fills in personal details such as username and password and
tries to log in to the account. Once the victim has entered all the
credentials and clicked on login, the individual is brought to the legitimate
Amazon site, but unknown to the individual, the personal details have been
captured by the phisher to be used in the long run.
The use of Blackeye has increased over the years, as phishers consider it the best
tool for gaining sensitive information from unwitting victims.
QUESTIONS:
1. WHAT RISK DO COMMON PROGRAMMING LANGUAGES POSE:
Programming languages do not pose a direct risk in phishing attacks; rather, it is how
they are used that can contribute to the risk. Programming languages such as Python,
PowerShell, Ruby and Perl could be considered building blocks of phishing
methodologies because they aid in clone phishing, malware-based phishing,
search engine phishing and so on. The creation of sites that clone
legitimate websites and the development of malware are mainly carried out with PHP,
HTML/CSS/JavaScript and Python.
Also, exploitation and obfuscation are dangers that programming languages pose in
phishing attacks when they are not used appropriately.
Among all, outdated system software and unpatched software are the major ways
in which an attacker can exploit vulnerabilities in a system and its software. When a
system or software is not regularly updated or patched, it creates a backdoor
(loophole) for attackers to gain access to the software and system.
Spoofed Sender Address: The email address, website or message is disguised so
that the sender appears to be the legitimate owner.
Sense of Urgency: Creating a false alarm which makes the unwitting victim
hurriedly click on the link.
Logos and Branding
Threats of Account Suspension
Requesting for Sensitive information
Spoofed Caller ID
Requesting Unusual Action
Domain spoofing, URL obfuscation and other technical strategies are used by
phishers to make their emails, websites and messages look more legitimate to
individuals in order to evade detection and glitches.
Phishers register domains that look similar to the real website, usually using
misspellings, different TLDs or subdomains, so that their victims do not notice the
change.
For example, take the Amazon website, whose domain name is amazon.com. If a
phisher wants to register a website that looks similar to Amazon, the phisher will
misspell it as amazon.com.phishing.net so that the change is hardly noticeable.
A phisher can obfuscate a URL in emails or webpages by using redirect links, URL
shortener services and the like, which hides the malicious destination of the
illegitimate website. The obfuscated URL hides the true malicious destination in order
to bypass security filters. This is why network security controls such as firewalls,
VPNs, IDS and IPS are unable to detect the malicious traffic once the URL of a website
has been obfuscated.
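As an added example (not part of the original document), the Python sketch below shows
a defender-side check for the lookalike-domain and URL-shortener tricks described above.
The brand table, the shortener list and the naive "last two labels" rule are assumptions
made for illustration; note that in amazon.com.phishing.net the registered domain is
phishing.net, with "amazon.com" only a subdomain prefix.

```python
from urllib.parse import urlsplit

# Assumed for illustration (not from the page): the brand table, the shortener
# list, and the naive "last two labels" rule for the registrable domain.
# Production code should use the Public Suffix List instead of that rule.
BRANDS = {"amazon": "amazon.com"}
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co"}

def edit_distance(a, b):
    """Levenshtein distance, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(url):
    """Label a URL by how its host relates to a protected brand."""
    host = (urlsplit(url).hostname or "").rstrip(".")  # hostname is lowercased
    labels = host.split(".")
    reg = ".".join(labels[-2:])                 # registrable domain (naive)
    name = labels[-2] if len(labels) > 1 else labels[0]
    sub = labels[:-2]                           # everything left of it
    if reg in SHORTENERS:
        return "shortener"                      # destination hidden: expand first
    for brand, legit in BRANDS.items():
        if reg == legit:
            return "legitimate"
        if brand in sub:
            return "brand-in-subdomain"         # e.g. amazon.com.phishing.net
        if name == brand:
            return "different-tld"
        if edit_distance(name, brand) <= 2:
            return "misspelling"
    return "unrelated"

# Constructed sample URLs; the second uses the host from the page's example.
SAMPLES = ["https://www.amazon.com/gp/signin", "http://amazon.com.phishing.net/login",
           "https://amaz0n.com/", "https://amazon.net/",
           "https://bit.ly/3xyz", "https://example.org/"]

if __name__ == "__main__":
    for u in SAMPLES:
        print(f"{classify(u):20} {u}")
```

A "shortener" result means the link must be expanded and the final host classified again
before it can be trusted.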
To fight against phishing, some security requirements must be adhered to and carried
out. They include:
MULTI-FACTOR AUTHENTICATION
ENDPOINT PROTECTION
EMAIL SECURITY
WEB CONTENT FILTERING
CYBERSECURITY AWARENESS TRAINING
LIMIT PRIVILEGES
ENCOURAGE STRONG PASSWORD POLICY
EMAIL AUTHENTICATION
REGULAR UPDATE OF SOFTWARE AND SYSTEM PATCHES
CONTROL 3RD PARTY ACCESS.