April 23, 2021
The invention of information and communication technology (ICTs) has invaded our lives, be it business, personal or recreational purposes. We rely heavily on the Internet for business, personal, financial, and investment decisions, etc. Accompanying these developments is the growing number of threats to the Internet and its associated technologies. Some of these threats are seen in a variety of ways, such as counterfeit goods offered on sale on eBay, to deceive unsuspecting enthusiasts, or guarantee victims a high return, if the victim will help with foreign exchange transactions via a bank account, etc. This article is about EMERGING TECHNOLOGY TH.REAT – PHISHING
The crime of stealing sensitive information, in particular, has been around for a long time. Identity theft is a hypocritical way of making a last-ditch person disclose sensitive information to an online attacker, such as passwords or credit cards, other personal information, or sensitive financial data. Another attack on Phishing is SMiShing. Instead of attacks that occur via email, it comes as short messaging services (SMS) or text messages.
The word “Vishing” is derived from the combination of “voice” and “Phishing”. Here, a call is received when the attacker entices the recipient to give his or her details with intent to harm. For example, a customer receives a call on the weekend and during office hours, allegedly from his bank’s call center. EMERGING TECHNOLOGY THREAT – PHISHING
The information collected by the attacker can be used for criminal activities such as identity theft or fraud. Often, customers and/or users, formerly known as targeted victims, are misled into disclosing this information either by providing it in a web form or by downloading and installing malicious software.
A mobile device (or a computer installed or handheld) is defined as a small computer device, usually with a small output screen, which may have a touch or a small keyboard. Perform basic computer functions, such as control, data processing, data movement, and data storage. Examples of mobile devices are Palm and other PDAs, PC PC and smartphones.
Today, with the advent of computers, the use of mobile devices to access and browse the Internet and various computer applications has become quite common; be it business or personal use. The use of a mobile device is in part due to its portability and long battery life. Compatible with many applications, the use of mobile devices presents several cybersecurity challenges due to their use and communication.
The threats posed by the emerging computing technology mentioned are a major issue in this research paper. Specifically, we want to establish the scope of cellular threats and build awareness of the threats of identity theft, SMiShing, and Vishing and their impact associated with exploitation.
In the wake of the crime of identity theft, SMiShing and Vishing mobile devices have been on the rise without any signs of attack. For the second year in a row, reported cases of monthly attacks increased more than 160 times, while the number of reported high-profile identity theft websites increased nearly 16 times, with more than 100 known brands being attacked.
Frequent attacks occur when actual emails are allegedly from the author or sender of the “corrupt”. This email message may ask the recipient to provide some sensitive user credentials or personal information or click on the link to perform some action. For example, an email that is suspected to be from your system administrator may ask you to provide administrator personal information including your password, at a specified time or you are in danger of losing your account.
When a user replies to a message with the required information, the attacker may then use the opportunity to damage his or her systems or misuse the stolen identity profile. Until recently, mobile devices were not only infected with viruses and worms but there were indications of a crime of identity theft, SMiShing, and Vishing.
Since its first discovery in 1987, identity theft has become increasingly common. And as digital technology continues, these attacks continue to find new ways to exploit risk.
Below are some of the most common types of identity theft:
TYPES OF PHISHING ATTACKS
The most well-known way to steal sensitive information, this attack is an attempt to steal sensitive information via email that appears to come from a legitimate organization. It is not a targeted attack and can be done in bulk.
Using the same sophisticated email scam strategies, this attack promotes the intent of clicking a link or downloading attachments to install malware on the device. It is currently the most widespread form of cybercrime.
When the attack on high-profile identity theft throws a net, the crime of spear-throwing is a highly targeted, well-researched crime focused on business executives, the public, and other lucrative purposes.
SMS-sensitive crime theft provides malicious short links to smartphone users, often disguised as account notifications, prize notifications, and political messages.
In this type of attack, cybercriminals set up fraudulent websites designed to collect personal information and direct payments. These sites may appear in organic search results or paid ads for popular search terms.
Vishing, or the word for stealing sensitive information, involves a malicious caller claiming to be from technical support, government agency, or other organization and trying to extract your personal information, such as bank or credit card details.
Also known as DNS toxicity, pharmacy is a sophisticated method of stealing information that includes a domain name online system (DNS). Pharming returns official web traffic to a fake page without the user’s knowledge, often stealing important information.
In this type of attack, a shady actor compromises a person’s email account, makes changes to an existing email by swapping a legitimate link, attachment, or other elements with a malicious one, and sends it to the person’s contacts to spread the infection.
A man-in-the-middle attack involves audio communication between two unsuspecting parties. These attacks are often perpetrated by the construction of fake WiFi networks in coffee shops, supermarkets, and other public places. Once joined, the man in the middle can search for details or press malware on devices.
Business email compromise includes the fraudulent email that appears to come from someone inside or associated with a targeted company requesting urgent action, whether wiring money or buying gift cards. The strategy is estimated to have accounted for nearly half of all cyber-related business losses by 2019.
This type of phishing scam uses digital ad software to publish non-standard ads with malicious code embedded inside.
COMMON FEATURES OF PHISHING EMAILS
HOW TO RECOGNIZE PHISHING
Scammers use email or text messages to trick you into giving them your personal information. They may try to steal your passwords, account numbers, or Social Security numbers. If they receive that information, they may gain access to your email, bank, or other accounts. Scammers launch thousands of cybercrime attacks every day – and they often succeed. The FBI’s Internet Crime Complaint Center has reported that people have lost $ 57 million in criminal programs to steal sensitive information in one year.
Scammers often update their tactics, but some features will help you detect a stolen email or text message.
PREVENT PHISHING ATTACKS
Prevention of identity theft requires action by both users and businesses.
For users, monitoring is key. A false message often contains subtle errors that reveal its true nature. This may include spelling errors or changes in domain names, as seen in the first example of a URL. Users should also stop and think about why they are receiving such an email.
For businesses, many steps can be taken to reduce both the theft of sensitive information and the spear
Although hackers often come up with new ideas, there are some things you can do to protect yourself and your organization:
Usually, emails sent by cybercriminals are encrypted and therefore appear to be sent by the business through its services through the recipient. The bank will not ask for your information via email or suspend your account if you do not update your details promptly. Many banks and financial institutions also provide us with an account number or other personal information within the email, confirming that it is from a reliable source.
EMERGING TECHNOLOGY THREAT – PHISHING