What is Phishing:
Phishing is a term commonly used to refer to an email scam in which an attacker, the sender, impersonates an important organisation and lures the recipient into thinking it is a genuine email. It is therefore clearly regarded as a sophisticated form of scam which is mostly carried out by email, but could be delivered via other media.
The important thing in the phishing scam is that the attacker tries to replicate a genuine web page from an established organisation, most commonly a financial institution. The sender then delivers the replicated web page copy with a warning message urging the recipient to take drastic action. In this situation many users panic and click on the provided link, which leads them to another replicated web page that seems genuine too. At this stage login details are requested from the user, and once they are entered the user is then diverted back to the genuine site to make the process seamless.
Once the attacker has access to login or personal details they can carry out their criminal activities by accessing the user account and trying to cause the maximum damage. The user may not notice these abnormal activities until some time later, when they view their account activity.
It is worth noting that this kind of illegal activity is on the increase, and every month there are over one million fake websites created. According to Symantec Security Group there are around 135 million phishing attacks every day.
Protection against phishing:
You can reduce the risk of falling victim to phishing emails by following these recommendations:
- Check the URL of the website; this is the most important thing you must do to establish the origin of the email.
- Do not provide important login details unless you are certain.
- Install internet security software that filters spam emails.