Friday, February 3, 2017

Phishing and How They Do It

Phishing is a type of attack delivered by email, pop-ups, chat messages, etc. that tricks victims into clicking a link, which can be an attempt to compromise a device to steal sensitive information such as passwords, usernames, PINs, credit card numbers and online accounts.
It is the easiest and most common form of hacking. In this form of attack, victims are sent to fake websites that look like the original sites, so that when the user enters account information, it is sent to the hacker's database.

There are three major techniques of phishing:
1. Misspelt and Subdomain:-
This type of phishing relies on subdomain manipulation. People who do not look closely before clicking links may fall into this trap. Misspelling the site name is also common, as people often do not look for spelling errors (except Grammar Nazis :D and conscious people). For example:
http://www.facebook.com.xpertise.net
http://xpertise.net/au/facebook.com/help
http://www.facbook.com

2. IDN homograph attack:-
This type of phishing expl0its the fact that some characters 1ook alike, using 0 instead of o and 1 instead of l (small L). With the right font, we sometimes cannot distinguish between some characters. For example:
paypa1.com (1 & l, small letter L)
g00gle.com (0 & o)
http://asĸ.com (k & ĸ)

3. Hidden URLs:-
In this type of phishing, phishing URLs are hidden inside links such as Click Here or http://www.facebook.com (both links go to http://www.google.com). The victim is tricked by this method.

You can hover over a link to see the real website it is directing you to.
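The three techniques above can also be checked mechanically. The following is an added example, not code from the original post: it flags each pattern using the sample URLs from this page. The `BRANDS` allowlist, the function names and the flag names are assumptions made for illustration.

```python
from difflib import get_close_matches
from urllib.parse import urlsplit

# Assumed allowlist of the genuine sites used as examples on this page.
BRANDS = ["facebook.com", "paypal.com", "google.com", "ask.com"]
# The look-alike swaps shown above: 0 for o, 1 for l, ĸ for k.
LOOKALIKES = str.maketrans({"0": "o", "1": "l", "ĸ": "k"})

def host_of(s):
    """Return the lowercased hostname of a URL-like string, or '' if it is not one."""
    s = s.strip()
    if " " in s or "." not in s:
        return ""
    if "://" not in s:
        s = "http://" + s
    return (urlsplit(s).hostname or "").lower()

def site_of(host):
    # Naive registered domain: the last two labels. A real checker would use
    # the Public Suffix List, since suffixes like co.uk break this shortcut.
    return ".".join(host.split(".")[-2:])

def check_link(href, text=""):
    """Return warning flags for one link: its href plus its visible text."""
    host = host_of(href)
    site = site_of(host)
    flags = []
    if site not in BRANDS:
        if site.translate(LOOKALIKES) in BRANDS:
            flags.append("lookalike-characters")      # technique 2
        elif get_close_matches(site, BRANDS, n=1, cutoff=0.85):
            flags.append("misspelt-domain")           # technique 1
        if any("." + b in "." + host for b in BRANDS):
            flags.append("brand-in-subdomain")        # technique 1
        if any(b in urlsplit(href).path.lower() for b in BRANDS):
            flags.append("brand-in-path")             # technique 1
    shown = host_of(text)
    if shown and site_of(shown) != site:
        flags.append("text-href-mismatch")            # technique 3
    return flags

if __name__ == "__main__":
    for href, text in [("http://www.facebook.com.xpertise.net", ""),
                       ("http://xpertise.net/au/facebook.com/help", ""),
                       ("http://www.facbook.com", ""),
                       ("http://paypa1.com", ""),
                       ("http://asĸ.com", ""),
                       ("http://www.google.com", "http://www.facebook.com")]:
        print(href, text, check_link(href, text))
```

A link whose text is only "Click Here" returns no mismatch flag, because the text names no site to compare against; that case still needs the hover check.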
