Phishing Explained – What is Phishing? How it works How to prevent it | Attack techniques Scam Examples
Click Here:- https://www.youtube.com/watch?v=FsuVU4zu_kc
In this episode we are going to talk about Phishing. Phishing is a cyber attack that uses disguised email as a weapon. It's one of the oldest types of cyberattacks, dating back to the 1990s, and it's still one of the most widespread and pernicious, with phishing messages and techniques becoming increasingly sophisticated. According to research, including the 2019 Verizon Data Breach Investigations Report, nearly a third of all breaches involved phishing. For cyber-espionage attacks, that number jumps to 78%. The worst phishing news is that its perpetrators are getting much, much better at it thanks to well-produced, off-the-shelf tools and templates.
An organization succumbing to such an attack typically sustains severe financial losses in addition to declining market share, reputation, and consumer trust. Depending on scope, a phishing attempt might escalate into a security incident from which a business will have a difficult time recovering.
We want to make sure we are secure and prepared in case one of these attackers tries to infiltrate our systems, so today we are going to take a look at phishing and see how we can protect our company, systems and clients from it.
What is Phishing? Phishing Attacks. How phishing attacks work
Phishing is a type of social engineering in which an attacker sends a fraudulent ("spoofed") message designed to trick a human victim into revealing sensitive information to the attacker or into deploying malicious software, such as ransomware, on the victim's infrastructure. Phishing attacks have become increasingly sophisticated and often transparently mirror the site being targeted, allowing the attacker to observe everything while the victim is navigating the site and to traverse any additional security boundaries with the victim. As of 2020, phishing is by far the most common attack performed by cyber-criminals, with the FBI's Internet Crime Complaint Center recording over twice as many incidents of phishing as any other type of computer crime.
What is the goal of phishing?
There are a couple of different ways to break attacks down into categories. Generally, a phishing campaign tries to get the victim to do one of two things:
• Hand over sensitive information. These messages aim to trick the user into revealing important data — often a username and password that the attacker can use to breach a system or account. The classic version of this scam involves sending out an email tailored to look like a message from a major bank; by spamming out the message to millions of people, the attackers ensure that at least some of the recipients will be customers of that bank. The victim clicks on a link in the message and is taken to a malicious site designed to resemble the bank's webpage, and then hopefully enters their username and password. The attacker can now access the victim's account.
• Download malware. Like a lot of spam, these types of phishing emails aim to get the victim to infect their own computer with malware. Often the messages are "soft targeted" — they might be sent to an HR staffer with an attachment that purports to be a job seeker's resume, for instance. These attachments are often .zip files, or Microsoft Office documents with malicious embedded code. The most common form of malicious code is ransomware — it is estimated that 93% of phishing emails contained ransomware attachments.
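The first bullet describes a link that appears to name the bank but leads to a different site. As an added example (not part of the original episode), this Python check flags anchors in an HTML message body whose visible text names one host while the href points to another. The function names and the sample body are assumptions constructed for illustration, and the body is assumed to be already extracted from the message.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs from <a> tags."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, ""
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", ""
    def handle_data(self, data):
        self._text += data
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, self._text.strip()))
            self._href = None

def host(value):
    """Hostname of a URL or bare domain; None if the text is not host-like."""
    if len(value.split()) != 1:          # empty, or contains whitespace
        return None
    value = value.strip()
    try:
        h = urlparse(value if "://" in value else "//" + value).hostname
    except ValueError:                   # malformed netloc
        return None
    return h if h and "." in h else None

def same_site(shown, actual):
    """True if one host equals, or is a subdomain of, the other."""
    return shown == actual or actual.endswith("." + shown) or shown.endswith("." + actual)

def mismatched_links(html):
    """Return (shown, actual) pairs where the visible text names a different site."""
    collector = LinkCollector()
    collector.feed(html)
    pairs = [(host(text), host(href)) for href, text in collector.links]
    return [(s, a) for s, a in pairs if s and a and not same_site(s, a)]

# Constructed sample body; .test and .example are reserved, non-routable names.
SAMPLE_HTML = (
    '<p>Dear customer, please verify your account at '
    '<a href="http://login.examplebank.test.evil.example/">www.examplebank.test</a>. '
    '<a href="https://www.examplebank.test/help">examplebank.test</a> '
    '<a href="https://www.examplebank.test/contact">Contact us</a></p>'
)

if __name__ == "__main__":
    print(mismatched_links(SAMPLE_HTML))
```

Only the first link is reported: the bank's name appears as a leading label of an unrelated domain, while the subdomain match and the link with generic text are left alone.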