Unfair „hunting“ of sensitive data on the Internet, which can make the victim pretty messy. But what exactly is it and how to recognize it? In the field of cybercrime, phishing is not a hot new thing. In recent months, however, we have been encountering it more often than would be healthy. Government institutions, companies and individuals are struggling with it. We dare say that you have already encountered phishing in a more or less sophisticated form. But let’s take it from the beginning…
Phishing typically has three distinct components:
1) A cyberattacker pretends to be someone you trust. It takes on the identity of a trustworthy authority – a bank, a public administration body, a telephone operator, etc.
2) It addresses you with an urgent request or urgency, or awakens your curiosity. For example, it could be an email from a courier service telling you that you need to log in to the system immediately and fill in your address details or you won’t be able to receive your package. Curiosity is stimulated by various competitions, or announcements of an amazing prize.
3) The attacker directly or indirectly wants to get to your sensitive data. It doesn’t have to be a direct request for your credit card details, just a link to log in to a system that is indistinguishable from the login interface of your online banking.
What does classic phishing look like?
Let’s get into practice. Probably the most typical phishing attack looks like this: you receive an email that looks innocent at first glance. For example, a message from a bank (payment app, e-shop, streaming service, etc.) that you need to update your login details because someone has tried to access your account and your data is at risk. And of course, the e-mail also contains a link through which you can change your login details immediately. Attention. Nowadays, we find ourselves in a situation where it is not safe to click on almost any similar link in an e-mail. Even if the email is genuine, it is better to load the sender’s website in the next window and log in in the classic way.
If you were to be tricked, open a link in the email and fill in your sensitive data, there would be a real risk that you had been tricked by a cyberattacker. Cybercriminals most often try to obtain combinations of login passwords and emails, credit card numbers and other exploitable data. Do you feel like you can tell when it’s phishing? You already know what it is. But there are more types of phishing attacks, and believe me, some of them will really surprise you.