Most of us have received a malicious email at some point in time, but phishing is no longer restricted to only a few platforms. The evolution of technology has given cybercriminals the opportunity to expand their criminal array and orchestrate more sophisticated attacks through various channels. Here are 20 new phishing techniques to be aware of.
20 new phishing techniques
Pharming involves the altering of an IP address so that it redirects to a fake, malicious website rather than the intended website. By entering your login credentials on this site, you are unknowingly giving hackers access to this sensitive information.
Smishing involves sending text messages that appear to originate from reputable sources. These messages will contain malicious links or urge users to provide sensitive information. To avoid falling victim to this method of phishing, always investigate unfamiliar numbers or the companies mentioned in such messages.
Vishing is a phishing method wherein phishers attempt to gain access to users’ personal information through phone calls. Phishers can set up Voice over Internet Protocol (VoIP) servers to impersonate credible organizations. The caller might ask users to provide information such as passwords or credit card details. Legitimate institutions such as banks usually urge their clients to never give out sensitive information over the phone.
4. Session hijacking
A session token is a string of data that is used to identify a session in network communications. Hackers use various methods to embezzle or predict valid session tokens. These tokens can then be used to gain unauthorized access to a specific web server.
5. Content injection
This method of phishing involves changing a portion of the page content on a reliable website. When users click on this misleading content, they are redirected to a malicious page and asked to enter (Read more...)
*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Dan Virgillito. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/1UJ2WnXYFZ0/