What is Phishing?

May 27, 2020

No doubt you have wondered and asked yourself on more than one occasion, what is phishing and how can it affect you.

All of us know that it is some type of scam, although perhaps there are many who don’t know exactly what it is or the techniques used by hackers and cyber criminals.

So, what exactly is phishing? Also known as email phishing, it involves sending emails that appear to come from trusted sources, such as banks, but are really aimed at stealing confidential information from users.

These emails usually include a link which, when clicked, takes you to a spoof web page. These pages appear genuine, but they are really a mirror that hides the criminals, whose sole aim is to steal your personal data.

The problem is that users think they are in a trusted site and therefore enter the requested data. However, this confidential data will fall straight into the hands of the scammers and can then be used for some type of fraud.

That’s why it is always best to access web pages by typing the address directly in the browser.

How to recognise a phishing message
It’s not always easy to recognise phishing messages, particularly if you are a client of the company from which the message has supposedly been sent.

  •    Even though the ‘From:’ field of the message shows the address of the company, it is not difficult for a criminal to alter the source address of the email in any mail client.
  •    The email may have the logos and trademarks of the organization, yet these can easily be lifted from the company’s website.
  •    The link in the email seems to point to the company’s website, though really it takes you to a fake page which will ask you for your user name, password, etc.
  •    Very often these messages contain spelling or grammatical errors that you would not normally expect in official communications from the genuine company.

 

It’s also important to bear in mind that although phishing has traditionally used email, now, with the increasing popularity of smartphones and social networks, there are new channels of attack.



Another thing to be aware of is that although we normally talk about phishing in the context of banks, cyber criminals often use any popular website or platform (eBay, Facebook, PayPal, etc.) as bait for stealing personal data.

But remember, no company will ever ask you to send them your personal details via email. If they do, be very suspicious!


If you would like to find out how you can protect yourself from phishing attacks, contact us today.
