Phishing attack: what it is and how to protect Internet users from it

What phishing is and what purpose it serves

First of all, let's understand the concept of phishing. Many of you have probably received emails about winning the lottery or receiving an inheritance from a distant foreign relative. To find out the details, the text was usually followed by a call to click on a link. So, you should know that this is a form of phishing.

In general, phishing is the luring of confidential data from Internet users by sending emails supposedly from reliable organizations (bank, popular online service, etc.). In reality, they are sent by cybercriminals to seize account data in order to steal money from bank accounts, blackmail or resell it online.

The term "phishing" was first mentioned in 1987 in a paper from the conference "System Security: A Hacker's Perspective". The word comes from the English word "fishing", because scammers literally catch their victims on the hook. By the way, such phishing attacks are carried out not only through online mailings, but also through SMS messages (then they are called "smishing" — from "SMS" and "fishing") and phone calls (called "vishing" — from the English "voice" and "fishing").

The most famous phishing attacks in history

One of the first global phishing attempts took place in the United States in 2001. The attackers took advantage of the chaos that reigned after the September 11 terrorist attacks and sent out emails as if to verify the identity of individuals. In reality, the fraudsters needed the information to steal bank data.

$900 million — that's how much money cybercriminals managed to steal from Internet users in the United States in 2005. More than a decade later, in 2016, more than 250 thousand phishing attacks were recorded across the country. High-profile cyberattacks using phishing emails are also known to have occurred during the 2016 and 2020 U.S. presidential campaigns.

Since hackers are constantly improving the methods of their attacks, and the scale of the latter is impressive, Internet users need to be attentive to online activities and adhere to at least basic security rules.

Domain spoofing as a form of phishing

One fairly common form of phishing attack is domain spoofing. Typically, scammers pass off fake domains as legitimate organizations on websites or in emails. When a user interacts with the malware, their personal data is exposed to the criminals.

• Homoglyphs.
  

  This is the name given to visually identical or similar characters that have different meanings. For example, the capital letter "O" and the number "0". Such signs in the URL-address user can easily confuse each other and as a result get to a fraudulent site.

• Subdomain spoofing.
  

  In this case, cybercriminals create a subdomain of a recognizable domain and intercept the victim's Internet traffic when trying to access a web resource.

• Typosquatting.
  

  This technique consists of registering a domain similar to a popular one, but with some differences: replacing letters, misspelling words, adding symbols ("-", "_" or others). Upon contact, the Internet user is directed to a malicious site.

Email remains one of the main communication channels through which hackers reach out to their potential victims, offering to switch to spoofed domains. This is not surprising, as over 300 billion emails are sent around the world every day. Therefore, it’s important for everyone to know how to protect themselves from these and other forms of cyberattacks. We hope the following recommendations will help you with this.

5 tips to protect yourself from phishing:

1. Be informed. According to media reports, phishing attacks are becoming increasingly sophisticated.Therefore, it’s advisable to take interest and learn about new phishing methods so that you can be aware of them and recognize them in advance.
2. Pay attention to email addresses. Cybercriminals often use fake email addresses to impersonate legitimate organizations. Before opening an email, check the sender's email address. If it looks suspicious, it's best not to open the email. If possible, it’s worth asking the sender in an alternative communication channel (messenger, sms, phone call) if he or she really sent an email you weren't expecting.
   We also advise you to use spam filters to block emails from unwanted sources. Also, analyze in time what email address you provided to the sender for communication with you (if it’s not the one to which the letter came, it’s already an "alarm bell").
3. Don’t click on links or attachments. If you receive an email or message that contains a link or attachment that seems suspicious, don’t click on it. Keep in mind that official organizations don't use shortened links. If one is clicked, it may lead to a malicious website or infect your device.
4. Don’t send sensitive information by email. We are talking about account passwords, passport photos, phone numbers, bank account numbers and other personal data. Legitimate organizations will never ask you to provide personal information in this way.
5. Enable two-factor authentication. This will ensure that only authorized users have access to sensitive information and will prevent cyber criminals from infiltrating your account.
6. Update the software on your devices. Software manufacturers frequently release security updates that can help protect you from advanced threats. Always install the latest updates on your computers, smartphones, and tablets. While they don't guarantee 100% reliability, it's still best to stay on top of them.
7. Implement email authentication protocols. Such protocols as SPF, DKIM, DMARC, working in tandem, allow you to verify the legitimacy of the sender of an e-mail and thus strengthen the protection of your company's digital infrastructure.

Be careful on the Internet to avoid falling prey to phishing scams. And if this material was useful to you, please share it with your family and friends.