Perhaps the most commonly used hacking technique today, phishing is an attempt to steal user information by disguising malicious content as a trusted message.
Although the term is commonly associated with email, and terms exist to describe other means of communication, such as “smishing,” which is SMS phishing, phishing can occur in any type of electronic communication.
A common tactic is tricking the user into clicking an embedded link or downloading an attachment. Instead of being directed to a useful resource, the malicious file is downloaded and run on the user’s machine.
What happens next depends entirely on the malware being executed – some may encrypt files and prevent the user from accessing the machine, while others may try to remain hidden in order to act as a backdoor for other malware.
As computer literacy improved over the years and users became accustomed to online threats, phishing techniques had to become more sophisticated.
Today’s phishing typically involves some form of social engineering in which a message appears to come from a legitimate, often well-known company, informing its customers to take action.
Netflix, Amazon and Facebook are often used for this purpose, as it is highly likely that the victim will have an account associated with these brands.
The days of emails from alleged princes of Nigeria seeking an heir or firms acting on behalf of wealthy deceased relatives are few and far between, although you can still find strange, wildly extravagant claims here and there.
Our recent favorite is the case of the first Nigerian astronaut who is sadly lost in space and needs us to act like a man in the middle to transfer $ 3 million to the Russian Space Agency, which apparently does return flights.