Free PC Diagnostics
Windows Boot Errors
Secure your PC
Link to us
Phishing is an attack that uses email or Web site content to trick victims into doing things that they would not normally do. Phishers succeed by establishing a sense of trust with the victim. The general class of such attacks is known as social engineering attacks. Examples of social engineering attacks include:
• Calling an employee posing as a service desk technician and asking for the employee’s password to troubleshoot a problem with network logins.
• Sending a legitimate-looking email claiming your account with a well-known online retailer has been compromised and requesting you click an embedded link to go to a form that will allow you to update your password.
• Requesting that users take a brief survey about customer services in return for a cash payment. The link provided in the email links to a phishing site that downloads malicious software, such as a keylogger that captures usernames and passwords for banking and other financial services businesses.
1. Establish the victim’s trust using a “lure,” typically an email that appears legitimate.
2. Convince the user to take an action that will enable the capture of confidential
3. When the action in step 2 is taken, collect the confidential information and terminate the session.
Phishers have developed multiple techniques for each of these steps