Understanding phishing
when did phishing First start?
1995
What are common indicators of a phishing email?
generic greetings, poor grammar and spelling, unusual requests for personal information, mismatched sender details, urgent or threatening language, and suspicious links or attachments.
What is a clone phishing attack?
A clone phishing attack involves attackers creating a convincing replica of a legitimate email, often one the target has previously received, to trick recipients into divulging sensitive information or taking malicious actions.
Find and describe a real-world example of a phishing attack?
email pretending to be from a legitimate company, like a bank, urging the recipient to update their account information by clicking a link, which leads to a fake website designed to steal credentials.
How can individuals protect themselves from phishing websites?
be cautious of unsolicited emails or messages, avoid clicking suspicious links or opening unexpected attachments, and verify the legitimacy of requests by contacting the sender directly through a known channel.
Here's
how to prevent phishing?
never provide personal information.
How can you tell if a link in an email is malicious before clicking on it?
hover your cursor over it to see the actual destination URL, check for misspellings or unusual characters in the domain name, and be wary of urgent requests or requests for personal information.
Explain what is meant by a "pharming" attack?
when a user types the URL of their bank's website into their browser and is unknowingly redirected to a fraudulent version of the site without realizing it.
What was the outcome of the attack you found?
the fictional Netflix series "Zero Day," the cyberattack, instigated by Speaker of the House Richard Dreyer, ultimately led to Dreyer's daughter turning herself in and his wife leaving him.
How can individuals protect themselves from phishing websites?
be cautious of unsolicited emails or messages, avoid clicking suspicious links or opening unexpected attachments, and verify the legitimacy of requests by contacting the sender directly through a known channel.
What was the first biggest phishing attack?
the border blank incident.
Describe how phishing websites mimic legitimate one?
Using the same phrasing, typefaces, logos, and signature.
How does a smashing attack differ fron email phishing.
Smsihing uses SMS text messages to trick victims into revealing personal information or clicking malicious links, while phishing primarily employs deceptive emails or websites for the same purpose.
What could have been done to prevent the phishing attack you researched?
implementing strong passwords, enabling multi-factor authentication, and educating users on identifying suspicious emails and links.
Why is it important to update your software in the context of phishing?
because it patches security vulnerabilities that cybercriminals exploit to gain access to your systems and steal personal information.
Why is phishing so popular?
it’s a low cost high reward Cybercrime that exploits human behavior rather than technical vulnerabilities
What role does urgency play in phishing attempts?
to bypass critical thinking and prompt immediate action.
Describe the characteristics of a fishing attack
Unsolicited calls, urgency or fear tactics, requests For personal or financial information, and impersonation of trusted sources.
How was phishing attack identified and resolved
through email filtering services catching most emails.
What steps should be taken if you suspect you've received a phishing email?
immediately avoid clicking links or opening attachments, mark the email as spam or junk, and delete it to prevent accidental access
Why do people like phishing?
the precipitation that other are complying can create a false sense of security and legitimacy.
How do people respond to fishing?
by them getting mad, nervous, anxiety, and they feel surprised.
Describe why people fall for phishing attacks?
scammers exploit human psychology, creating urgency, fear, or excitement to cloud judgment, and often impersonate trusted entities to gain trust and encourage quick actions without careful scrutiny.
Why is public awareness about phishing important for cybersecurity?
it empowers individuals and organizations to recognize and avoid these attacks, which are a primary method for cybercriminals to gain access to sensitive information and compromise systems.
Why is public awareness about phishing important for cybersecurity?
it empowers individuals and organizations to recognize and avoid these attacks, which are a primary method for cybercriminals to gain access to sensitive information and compromise systems.