When we surf the Internet, there are many attacks that we have to face. Many types of malware that in one way or another put our security and privacy at risk. However, one of the most common varieties of attacks and that has increased the most in recent times are Phishing attacks. In this article we are going to talk about it, but we are going to focus mainly on what types of Phishing attacks we can find. In this way we will have a greater knowledge to avoid being victims.
What are Phishing attacks
Many readers will know what Phishing attacks are and how they work. Basically it is an attack that seeks to steal the victims’ credentials and passwords. They are looking for a way to send a message that impersonates the identity of a company or organization. This message may contain a malicious file or simply a link that leads us to a fraudulent page.
By impersonating the identity of a company, for example, the victim believes that he is facing a legitimate site. In this way, you try to log in normally but in reality you are delivering your data in a tray.
It is a technique that is not new, but it has undoubtedly been improving over time. The main problem is that they can usually get through security measures. Therefore, it is very important that users use common sense and have knowledge about this problem to prevent.
What types of Phishing attacks are there?
As we have mentioned, there is not only one type of Phishing attack, although in the end the objective will be the same. For this reason we are going to explain what types of Phishing attacks we can find when surfing the net.
Phishing by email
It is without a doubt the most common type of Phishing attack. It is the traditional one that comes to us through an email . Here basically what the attacker does is impersonate a company or organization. They may use an email address similar to the official one, copying their logo, texts …
They try to make the victim believe that they are facing an important message. They usually use alert phrases so that the user pays more attention and ends up accessing that malicious link.
Smishing
Smishing attacks are similar to the previous one, but this time we received them by SMS. The victim receives a text message on his mobile and is usually from a bank or some platform that he uses online.
Again these messages will contain a link that takes us to a page that hackers use to steal information. This has increased considerably in recent years and is a problem that affects both private users and companies.
Vishing
The case of Vishing is different. This time we are facing an attack that uses the voice. Therefore we are going to have to receive a call. There they do use messages similar to the previous ones, even if by voice.
Once again they are going to supplant the identity of some company or organization. They are going to trick the victim into believing that they are dealing with something legitimate. In this way they will collect information.
QRishing
One more case is QRishing . As we know, QR codes are very present in our day to day. Simply by approaching the mobile with an installed reader we can access pages and services. They also serve to collect information in certain places.
Now, the problem comes when that QR code is maliciously modified. They may put it in public places where there are usually legitimate codes. Approaching the mobile and reading that code redirects us to a false website that puts our security at risk.
Spear Phishing
Spear Phishing is another technique that hackers use. We can say that it is more personal than all the others. It can be an e-mail, for example, but this time it is addressed to the user.
By carrying the victim’s name they are more likely to open it. One more way for cyber criminals to succeed.
Phishing based on malware
In this case the hackers add a malicious file. The normal thing is that we receive it by email and instead of being a link to access a fraudulent page, that email will contain malware .