Electronic phishing is a form of electronic fraud that aims to obtain confidential information from victims, such as a user name, password, or credit card data, or to obtain money indirectly.
It is called phishing because the hacker uses bait to catch his victim. Phishing in its general form does not target a particular group but everyone, so it resembles the behavior of a fisherman who casts his bait without knowing in advance which fish it will catch.
According to the Microsoft Computing Safety Index (MCSI) report issued in February 2014, the annual global impact of phishing could reach $5 billion. According to a global study issued by the Anti-Phishing Working Group (APWG) for the same year, 54% of phishing messages target customers of the following companies: Apple, PayPal, and the Chinese marketplace Taobao.
The phishing process is carried out by sending a message to the victim, either by e-mail or by instant messaging (IM) over a client-server protocol. The hacker spoofs the message so that it appears to have been sent by a trusted organization or by a friend of the victim, and because the victim trusts this organization or friend, he responds to the content of the message.
The message either contains a malicious attachment or link that downloads malware to the victim's device, or leads the victim to a malicious website that defrauds him by asking him to enter some data, which the site then collects and analyzes to extract confidential information such as passwords for specific sites or credit card information.
Phishing is classified as a form of social engineering, because the primary step for its success is persuading the victim to click the link included in the message or open the attachment, all in a way that makes the victim feel safe.
The hacker also does not need to study in depth how to penetrate the victim's protection systems or research their vulnerabilities. He only needs to persuade the victim to click the link. The malicious programs then load easily, because it is the victim (who is responsible for the device, that is, its administrator) who clicked the link and thereby gave his privileges to the program.
This type of attack spreads during holidays, when everyone is sending greeting cards by e-mail, instant message, or text message, or even greeting each other by phone. This creates ideal conditions for hackers to send their messages to the public under the guise of greetings. It also spreads after breaking news about important events, and through social media such as Facebook, where malicious links are included in posts that attract users' interest.
The victim is persuaded in several ways. The hacker needs social intelligence to forge the general appearance of the email so that it seems to come from a trusted party such as a famous company, by including the company's logo and some of its contact details in the email. Hackers can obtain these details from the company's official website. As for links, the hacker forges the link in an unnoticeable way or falsifies its outward appearance, as will be explained later.
1. Spear Phishing:
Instead of sending a malicious e-mail to thousands of victims, the hacker here targets specific individuals or companies, hence the name, which comes from hunting with a spear. Because the target is a specific person or entity, the hackers must make an additional effort to collect information about the target in order to enrich the content of their message, which increases their success rate. This technique has proven very successful on the Internet, accounting for 91% of the attacks.
2. Clone Phishing:
When the hacker obtains an original copy of an email and knows that it was also sent to other users, he impersonates the original sender and sends the same message to those users after the original sender has sent it, claiming that the content has been amended or that a procedure must be completed by clicking a link or downloading an attached file (the hacker has modified the link or attachment to suit his goals).
3. Whaling:
Here the targets are senior officials, executives, or figures who play an important role in companies or state entities. They are lured towards a malicious site whose graphical interface is designed to a highly professional standard.
The content of the message that leads them to the site is a legal summons, a customer complaint, an executive matter, etc.
Example: whaling phishers forge an FBI summons letter, and the message includes a malicious link that the manager is asked to click in order to download special software that, they claim, is needed to display the summons.
4. Phishing by Link Manipulation:
The hacker uses visual deception in the design: he modifies the malicious link so that it looks like the original link of a trusted site. Below is an example of the link modification process:
The hacker can replace the letter O with the digit 0 in the link WWW.GOOGLE.COM, giving WWW.GO0GLE.COM, which makes it difficult for the user to notice the difference. The malicious link then sends the victim to a malicious site whose graphical interface matches Google's.
The danger of this method lies in forging a bank's link and sending the victim to a malicious website with a matching graphical interface, where the victim then enters his password and user name, as in the example below:
In this link: www.bankofarnerica.com, the letter m has been replaced by the letters r and n, and thus the user is visually deceived into thinking that they are the letter m.
Or, the hacker may hide a malicious link behind the text of a trusted link, using the (insert link) option:
https://www.google.com
Here the displayed text suggests a reliable site, but when the mouse hovers over it we see that the actual domain name we will be sent to differs from the one shown in the link.
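The checks a mail filter or reviewer can apply to the two tricks in this section (look-alike characters, and visible link text that hides a different target), as an added example that is not part of the original article. The TRUSTED list, the SWAPS table and all function names are assumptions, and the sample message is constructed.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED = {"google.com", "bankofamerica.com"}  # assumption: sites your users really use
SWAPS = [("rn", "m"), ("0", "o"), ("1", "l")]  # look-alikes; "1" for "l" is an added guess

def host_of(url):  # lower-cased host of a URL-like string, leading 'www.' removed
    url = url.strip()
    host = urlsplit(url if "://" in url else "http://" + url).hostname or ""
    return host.lower().removeprefix("www.")

def imitates(host):
    """Trusted domain that an untrusted host visually imitates, else None."""
    def skeleton(h):  # collapse look-alike sequences so similar hosts compare equal
        for fake, real in SWAPS:
            h = h.replace(fake, real)
        return h
    return next((t for t in TRUSTED
                 if t != host and skeleton(t) == skeleton(host)), None)

class Anchors(HTMLParser):  # collects [href, visible text] for each <a> element
    def __init__(self):
        super().__init__()
        self.links, self.open = [], False
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.links.append([dict(attrs).get("href") or "", ""])
            self.open = True
    def handle_data(self, data):
        if self.open:
            self.links[-1][1] += data
    def handle_endtag(self, tag):
        self.open = self.open and tag != "a"

def audit(html):  # returns a list of (href, reason) findings for one HTML body
    parser, findings = Anchors(), []
    parser.feed(html)
    for href, text in parser.links:
        target, text = host_of(href), text.strip()
        # Only compare when the visible text itself looks like a URL.
        shown = host_of(text) if "." in text and " " not in text else ""
        if shown and shown != target:
            findings.append((href, f"text shows {shown}, link goes to {target}"))
        if imitates(target):
            findings.append((href, f"{target} imitates {imitates(target)}"))
    return findings

# Constructed sample message body (not from a real e-mail).
SAMPLE = ('<a href="http://login.example.net/x">https://www.google.com</a> '
          '<a href="http://www.go0gle.com/">Search</a> '
          '<a href="https://www.bankofarnerica.com/">Your bank</a>')
```

Calling `audit(SAMPLE)` returns one finding per link; a link whose visible text and target agree on a trusted domain returns none.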
5. Phishing website forgery:
The deception and forgery do not end once the victim visits the malicious site. Some forgery is done using JavaScript commands to alter the address bar, either by placing a picture of the original address over the malicious website's address, so that the victim thinks he is in the right place, or by closing the original address bar and opening a new one that shows the trusted address.
The hacker can also exploit a cross-site scripting (XSS) vulnerability in the trusted site itself. The malicious link really does send the user to the trusted site, so the user believes he is safe and the address bar shows the address of the original site, but the hacker has used an XSS flaw in the site and can therefore obtain the data the victim enters there. This kind of flaw was exploited against the well-known PayPal site in 2006.
6. Phone phishing:
Phishing is not limited to the use of malicious websites. Hackers also send messages to users' phones asking them to send their data in order to complete certain procedures or because the bank needs to confirm some data, and sometimes they call them on the phone and use social engineering to get them to hand over their bank account data.
Other techniques:
- Hackers use an effective method in which the victim is sent to the original bank site and a message appears asking the user to enter his bank account data, so the user thinks the request comes from the bank's website.
- Evil twin: a phishing technique that is difficult to detect, in which a hacker creates a fake wireless network that looks like a legitimate network in a public place such as an airport, cafe, or hotel. Once the victim uses this network, the hacker can capture the data, whether confidential or public, that the user exchanges with any site through this network.