Skip to main content

A simple way to Understand how you get attack from Phishing (Emails, Messaging Apps etc.)

 

A simple way to Understand how you get attacks from Phishing (Emails, Messaging Apps etc )




What is Phishing?


Phishing is the fraudulent attempt to obtain sensitive information or data, such as usernames, passwords, and credit card details, by disguising oneself as a trustworthy entity in electronic communication such as (Email, SMS, Text messages, Mobile app messages, and social media posts.)


So how does phishing attacks work-


A malicious link will be sent, once clicked, It begins the process to Steal data, financial card information, login credentials, and also infect your device, phones with malware(Virus) when you download the attached document.

Phishing links don’t just come in emails alone. several malicious links that lead to stolen data and infected devices can be found in SMS text messages, Mobile app messages, Social media posts.


How I received these compromised messages.-


The phishing emails and text may usually look like a message from a company you know or trust. They may look like they’re from your financial institution, banks, your social networking site like Facebook or Instagram, an online payment website or app, or an online store like amazon, jumia or konga etc.


These emails or text messages often tell a story to trick you into clicking on a link or opening an attachment.

The usually are like:


Hello there,
“We noticed some suspicious activity or log-in attempts to account..


“there’s a problem with your account or your payment information click to update here…


“Please update some personal information…..


“say you’re eligible for a government fund, download the registration form.


“You have a coupon for free stuff.”

Such emails usually have real consequences for people who give attackers their information. And also harm the reputation of the companies they’re spoofing.


How they get access to your login details credentials-


When you receive this unsolicited email from an institution that provides a link or attachment and asks you to provide sensitive information, it’s usually a scam. Most companies will not send you an email asking for passwords, credit card information.

Companies make use of unique or verified domains to send emails.

Don’t just check the name of the person sending you the email.

Check their email address by hovering your mouse over the ‘from’ address. Make sure no alterations (like additional numbers or letters) have been made.
Check out the difference between these two email addresses 


The later is the wrong URL which the attackers would make a similar website Clone..


Once you log into the clone website you would have exposed your credential to the attackers.


How your attackers get access to your data through attaching a Malware ..--


Attackers have traditionally relied on malicious links and attachments embedded in phishing emails. Phishing emails contain contents in the form of downloadable attachment. This will either be an infected attachment that you’re asked to download or a link to a fraudulent website.

The purpose of these email attacks is to capture sensitive information, such as login credentials, credit card details, phone numbers and account numbers.

When the attachment gets opened, they’ll see that the content isn’t intended for them, but it will be too late. The document deploys malware on the victim’s computer, which could perform any number of nefarious activities.

It is best that you never open an attachment unless you are sure that the message is from a trusted source.. Even then, you should look out for anything suspicious in the attachment.


How do you prevent an attack via phishing-


I have highlighted some checks to prevent these attacks and also techniques to deploy if you notice an attack.

Think before you click the download button or link in your mail
Verify a Site’s Security, have a check on the domain name
Keep all systems current with the latest security patches and updates.

Change your password to any accounts you think are compromised

Use two-factor authentication wherever it is supported

Note:
To be extra careful, you should:
“NEVER enter any personal data or login details to a website unless you are ABSOLUTELY sure it is legit.”           

Comments

Popular posts from this blog

Data Structure Multiple Choice Questions and Answers

  Data Structure Multiple Choice Questions and Answers Our 1000+ multiple choice questions and answers (MCQs) on "Data Structure - I" (along with 1000+ MCQs on "Data Structure - II (Algorithms)") focus on all areas of Data Structure covering 200+ topics. One can read MCQs on Data Structure - II (Algorithms)                 Array and Array Operations This set of Data Structure Multiple Choice Questions & Answers (MCQs) focuses on “Array and Array Operations”. 1. Which of these best describes an array? a) A data structure that shows a hierarchical behavior b) Container of objects of similar types c) Arrays are immutable once initialised d) Array is not a data structure View Answer Answer: b Explanation: Array contains elements only of the same type. 2. How do you initialize an array in C? a) int arr[3] = (1,2,3); b) int arr(3) = {1,2,3}; c) int arr[3] = {1,2,3}; d) int arr(3) = (1,2,3); View Answer Answer: c Explanation: This is the syntax ...

HackerRank Tuples Solution in Python

  HackerRank Tuples Solution in Python Task Given an integer,n, and n  space-separated integers as input, create a tuple, t, of those n integers. Then compute and print the result of hash(t). Note:   hash()  is one of the functions in the  __builtins__  module, so it need not be imported. Input Format The first line contains an integer,n, denoting the number of elements in the tuple. The second line contains n space-separated integers describing the elements in tuple t . Output Format Print the result of  hash(t) . Sample Input 0 2 1 2 Sample OUTPUT- 3713081631934410656 n = int(input()) int_list = [int(i) for i in input().split()] int_tuple = tuple(int_list) print(hash(int_tuple))

Chakra Vyuh Bhedna, the only answer to how to crack group discussions!

  Chakra Vyuh Bhedna, the only answer to how to crack group discussions! Because of the pandemic, the placement drive was conducted virtually. And to add to the difficulty level, more than 200 students participated in the drive. The selection process consisted of an online test that included the aptitude and technical questions, which was followed by a group discussion. Both were elimination rounds. The shortlisted students were then called for the final round, the personal interview. All about cracking group discussions and interviews My strategy was to be attentive in the pre-placement talks by asking questions to them and even trying to answer their questions. This helped me to boost my self-confidence and made me perform well during the Group Discussion. For cracking group discussion, I practiced a simple and powerful technique called  Chakra Vyuh Bhedna . It's a complete weapon to crack any GD. This technique has 4 parts.  Awareness of the topic Understanding PE...