
Awareness on Types of Phishing Emails and Identification

Recently, a ransomware attack triggered by a phishing email containing the WannaCry virus infected thousands of systems globally, and it may escalate further.

There are many types of phishing emails in circulation. Knowing how to recognize them lets you defend yourself on a day-to-day basis.

The virus dubbed WannaCry, a so-called ransomware, has locked up more than 100,000 computers and sent cyber security experts scrambling to patch computers and restore infected ones.

The aim of this blog is to spread awareness of what these phishing emails are and how we can identify them. Let's understand phishing.

How to Stop Phishing Emails

 

One of the major security issues facing internet users these days is “phishing”.

Phishing is a fraudulent action performed in order to acquire financial and personal information such as usernames, passwords, credit card numbers, social security numbers, dates of birth, etc.

It is a form of email spoofing in which a legitimate-looking email is sent to targeted users.

These emails appear to come from familiar and authentic websites.

They usually include exciting or alarming statements and suspicious hyperlinks that redirect innocent internet users to fake, spoofed websites.

Many firms across the world are ready to adopt better security for their databases, content and so on.

This effectively adds an extra layer of security.


Types of Phishing Attacks

 

    • Deceptive Phishing:

This type of phishing attack broadcasts phishing emails to a wide group of recipients with the intention of acquiring their confidential information.

 

It consists of messages about verifying account information, system failures requiring users to re-enter their information, fictitious account charges, undesirable account changes, new free services requiring quick action, and many other such scams.

 

    • Malware-Based Phishing:

These attacks try to inject malicious software on users’ PCs.

 

Malware can be introduced as an email attachment, as a downloadable file from any web site, or by exploiting known security vulnerabilities—like un-updated software applications.

 

    • Keyloggers And Screenloggers:

In this attack, keyboard input is traced and the relevant information is sent to the hacker via the Internet.

 

They embed themselves as small utility programs, device drivers or screen monitors that run automatically inside the system.

 

    • Session Hijacking:

Users’ activity is observed until they sign in to their account or perform any transaction and establish their authentic credentials.

 

At that point the malicious software commits unauthorized actions, like transferring funds, without the knowledge of the user.

 

    • Web Trojans:

Web Trojans pop up invisibly when users attempt to log in.

They retrieve legitimate pieces of information locally and pass them on to the attacker.

    • Hosts File Poisoning:

Most of the users’ PCs running a Microsoft Windows operating system first look up “hostnames” in their “hosts” file before undertaking a Domain Name System (DNS) lookup.

 

By “poisoning” the hosts file, hackers cause a bogus address to be returned, taking the unaware user to a fake, similar-looking website where their information can be stolen.

 

    • System Reconfiguration:

These attacks alter settings on a user’s PC for malicious purposes.

 

For example, URLs in a favorites file might be modified to direct users to look-alike websites.

 

For example, a bank website URL may be changed from “citibank.com” to “citybank.com”.

 

    • Data Theft:

Data theft is a widely used approach to business espionage.

 

By stealing confidential communications, design documents, legal opinions, and employee-related records, etc., thieves profit from selling to those who may want to embarrass or cause economic damage or to competitors.

 

    • DNS-Based Phishing (“Pharming”):

Pharming is a Domain Name System (DNS)-based phishing.

 

With this scheme, hackers manipulate a company’s hosts files or domain name system so that requests for URLs or name service return a forged address and further communications are directed to a fake website.

 

The result: users unwittingly enter confidential information and get spoofed by hackers.

 

    • Content-Injection Phishing:

It describes the situation where hackers replace part of the content of a legitimate site with false content designed to mislead or misdirect the user into giving up their confidential information to the hacker.

 

For example, hackers may insert malicious code to log user’s credentials or an overlay which can secretly collect information and deliver it to the hacker’s phishing server.


TESTING & IDENTIFYING A PHISHING EMAIL

 

Below are various attributes that capture the characteristics of phishing emails and which help to test whether an email is a phishing email:

 

    • Attribute: URL

URL containing IP Address

Example: http://192.82.12.1/signin.ebay.com

Inclusion of @ symbol in order to redirect users to another site
Example: www.citybank.com@123.123.123.12 instead of www.citibank.com

 

    • Attribute: Domain Name

A phishing site may register itself under a name similar to that of a legitimate site

 

Example: www.snapdea1.com instead of www.snapdeal.com

 

Number of dots or periods
Example: More than 3 dots in the domain name calls the legitimacy of the site into question

 

    • Attribute: Hyperlinks

Hyperlinks in the email do not lead to the location they are supposed to.

 

Unusually long hyperlinks
Example : http://payment2.works.com/wpm/validatecode=2139877…nvuhufyeru993fu

 

Disparity between “href” attribute and “link text”

 

Example : Paypal.com

Instead of Paypal.com

 

    • Attribute : Keywords

Frequently appearing words in phishing emails.

 

Example : Win!; Jackpot; Update; Confirm; Click; Here; Login; User; Customer; Client;

 

    • Attribute: Input Fields

Phishing sites usually require users to input their personal information and hence embed input fields.

 

Example: Enter Password, UserID, Security No. , Account No. , Credit Card No, etc.

    • Attribute : HTML Content

Phishing emails use a content type with the attribute “text/html” in order to use HTML links.

Example: Content type “text/html” instead of “text/plain”

 

    • Embedded JavaScript

Presence of JavaScript in either the body of the email or in a link, mostly to hide information from the user. Example: Use of
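The attribute checks listed above, as an added example that is not code from the original post: it parses a single-part message with Python's standard library and reports which of the URL, domain name, hyperlink, input field, HTML content and embedded JavaScript attributes it exhibits (keyword matching is left out). The flag names and the sample message are constructed for illustration.

```python
import re
from email import message_from_string
from html.parser import HTMLParser
from urllib.parse import urlsplit

TAG_FLAGS = {"input": "input-fields", "script": "embedded-javascript"}
# Constructed sample message; 192.0.2.10 is a documentation address.
SAMPLE = """\
Content-Type: text/html

<a href="http://192.0.2.10/signin.ebay.com">www.ebay.com</a>
<form><input type="password" name="pw"></form>
<script>window.status = "www.ebay.com";</script>
"""

class Body(HTMLParser):  # collects tag names and (href, link text) pairs
    def __init__(self):
        super().__init__()
        self.links, self.tags, self._href = [], [], None
    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
    def handle_endtag(self, tag):
        if tag == "a":
            self._href = None
    def handle_data(self, data):
        if self._href is not None and data.strip():
            self.links.append((self._href, data.strip().lower()))

def url_flags(url):  # URL / Domain Name attributes: IP host, '@', more than 3 dots
    parts = urlsplit(url if "//" in url else "//" + url)
    host = parts.hostname or ""
    checks = {"ip-address-host": re.fullmatch(r"\d{1,3}(\.\d{1,3}){3}", host),
              "at-symbol": "@" in parts.netloc, "many-dots": host.count(".") > 3}
    return {name for name, hit in checks.items() if hit}

def analyze(raw):  # sorted attribute flags raised by a single-part message
    msg, body = message_from_string(raw), Body()
    body.feed(msg.get_payload())
    flags = {"html-content"} if msg.get_content_type() == "text/html" else set()
    flags |= {TAG_FLAGS[t] for t in body.tags if t in TAG_FLAGS}
    for href, text in body.links:
        flags |= url_flags(href)
        # Link text that looks like a domain but differs from the real target host.
        if re.fullmatch(r"[\w-]+(\.[\w-]+)+", text) and text != urlsplit(href).hostname:
            flags.add("href-text-mismatch")
    return sorted(flags)

if __name__ == "__main__":
    print(analyze(SAMPLE))
```

Each flag is a signal to weigh rather than a verdict: legitimate newsletters are also `text/html`, so the URL and hyperlink checks carry most of the weight.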


Conclusion

The financial loss incurred by internet users and organizations due to phishing is growing rapidly day by day.

 

I hope this blog will help to spread awareness of malicious cyber attacks.

Find my research papers on phishing at the links below:

http://www.ijraset.com/fileserve.php?FID=2771

 

https://www.semanticscholar.org/paper/Development-of-Anti-Phishing-Model-for-Classificat-Vaishnaw/9b8fbda126866cd3acefe2f3262bb07fddecb898
