Phishing is a form of social engineering attack in which a phisher, disguised as a legitimate person or organisation, tricks a user into disclosing personal and sensitive information or infects the user's computer with malware.

Common forms of phishing include:

  • Deceptive Phishing: phishers craft messages that look almost identical to those of legitimate companies or reputable sources to lure individuals into providing sensitive data.
  • Pharming: hackers modify the system files of a hacked computer so that the web browser redirects the user from a legitimate website to a fraudulent website, in order to steal the user's login credentials or sensitive data.
  • Fraud applications: fake mobile apps impersonate trusted brands and compromise mobile devices with malware designed to steal confidential data. By replicating the appearance and functionality of legitimate apps, they trick users into installing malicious content.
  • Wi-Fi Phishing: attempts to steal sensitive data by convincing wireless network users to connect their mobile devices to a malicious Wi-Fi access point (AP).
  • Quick Response (QR) Code Phishing: takes advantage of users' implicit trust in QR codes; a user scans the code without thinking, and the code triggers malicious actions on the mobile device.
  • Social Media Phishing: encompasses online scams that exploit the implied trust of social media channels such as Facebook and WeChat to trick users into providing login credentials or sensitive data, through impersonation, romance scams, fake event invitations, etc.
A phishing website may have the following characteristics:

  • It may use a web address similar to that of the legitimate website.
  • It may use genuine-looking content, including real links to pages of the legitimate website, or even clone the legitimate website to entice visitors into entering their sensitive information.
  • It may present a Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) and redirect visitors to the malicious website once they pass the test.
  • It may appear as a pop-up window in the foreground with the genuine web page in the background, so that visitors believe they are visiting the legitimate website.
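As an added example (not part of the original page), the following Python check flags URLs whose host imitates a legitimate domain, the "similar website address" characteristic above, so that a defender can triage addresses found in reported messages. The allow-list, brand names and sample URLs are constructed, and the registrable-domain logic is deliberately simplified (it ignores multi-label public suffixes such as co.uk).

```python
from urllib.parse import urlsplit

# Constructed allow-list of legitimate registrable domains (hypothetical brands).
LEGIT_DOMAINS = {"example.com", "examplebank.com"}
# Character substitutions commonly used to make a lookalike address pass a glance.
HOMOGLYPHS = [("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("3", "e"), ("5", "s")]


def normalize(label: str) -> str:
    """Undo simple homoglyph tricks before comparing domains."""
    for src, dst in HOMOGLYPHS:
        label = label.replace(src, dst)
    return label


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance; one edit away from a real domain is a typosquat signal."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def registrable_domain(host: str) -> str:
    """Last two labels of the host. Simplification: ignores multi-label
    public suffixes such as co.uk, which a real deployment must handle."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def classify_url(url: str) -> str:
    """Return 'legitimate', 'lookalike' or 'unrelated' for the URL's host."""
    host = (urlsplit(url).hostname or "").lower()
    if not host:
        return "unrelated"
    reg = registrable_domain(host)
    if reg in LEGIT_DOMAINS:
        return "legitimate"
    # Treat hyphens as label separators so "secure-example.net" exposes "example".
    parts = host.replace("-", ".").split(".")
    for legit in LEGIT_DOMAINS:
        brand = legit.split(".")[0]
        # Real brand name embedded elsewhere in the host, e.g. example.com.verify-account.net
        if brand in parts:
            return "lookalike"
        # Typosquat or homoglyph: within one edit of the real registrable domain
        if edit_distance(normalize(reg), legit) <= 1:
            return "lookalike"
    return "unrelated"
```

A "lookalike" result is a triage signal for a human reviewer, not proof of phishing; legitimate third-party hosts that mention a brand will also trip the brand-label check.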
If a phishing attack is suspected, the following actions should be taken:

  • Delete the phishing message immediately so that users cannot access the malicious content again.
  • Reset users' login credentials (e.g. login passwords) if user accounts may have been compromised.
  • Take the infected devices offline and perform a complete scan of the devices concerned to verify whether malware has been downloaded.
  • Report the details of the phishing attack immediately to the appropriate parties (e.g. IT administrators, the Police Force) and take appropriate actions (e.g. change passwords immediately, update systems to the latest version, etc.).