How Phishing Works ?
 |
| Phising Attack |
It is always safer to deal with a known devil — no matter how dangerous it is — than is to deal with an unknown demon. Just the knowledge of the devil is enough to trigger a response mechanism inside of us, which in due time help us form a strategy to defeat the devil in the battle.
I believe in this, and that is the reason why I have decided to first inform you about the workings of phishing scamsters. The mere knowledge of their working will save you more often than you can care to imagine. So let’s get started with reading mind of a phishing scamster.
Against this background, a story is weaved to make it believable to the audience, so much so that the readers click the link sent in the mail. Such mails are sent in abundance to anyone and everyone using all the possible media.
The readers are then taken to a website that looks entirely like the website they would see on the other side of the original link the scammer is mimicking, expect for one thing. The URL is not the same.
These tricks rests on the fact that not many people verify the URL, HTTPS prefix, and presence of padlock on a website before keying in their username and password. And sadly, almost all the phishing attacks succeeds in fishing critical information — typically usernames and passwords of bank accounts and other financial institutions — from lot many users.
How phishing works
The phishing net used by the scamsters consist of three things:
- A cooked up story enticing you to take action.
- A link to a website that looks similar to the one phishing email claim to be.
- A landing page that looks entirely like the website of the company a phishing mail claims to originate from.
How each of the elements is used?
To make a phishing mail believable, a scamster designs a mail that looks identical to the mails you receive from the company which phishing scammer is pretending to be — bank, credit card websites, PayPal, etc.
Against this background, a story is weaved to make it believable to the audience, so much so that the readers click the link sent in the mail. Such mails are sent in abundance to anyone and everyone using all the possible media.
The readers are then taken to a website that looks entirely like the website they would see on the other side of the original link the scammer is mimicking, expect for one thing. The URL is not the same.
These tricks rests on the fact that not many people verify the URL, HTTPS prefix, and presence of padlock on a website before keying in their username and password. And sadly, almost all the phishing attacks succeeds in fishing critical information — typically usernames and passwords of bank accounts and other financial institutions — from lot many users.
Post a Comment