Covid 19 made India see the biggest business transformational journeys and so has been the increase in the security breaches. Digitisation that would have been in company’s IT road maps probably in next 3-4 years has been preponed due to COVID- 19, the increase in Work from home, Job losses, etc has led to an increase in security breaches by almost 2,000 per cent during the pandemic in India, said experts at Pursuit 2021 — an event on cybersecurity organised by Internet and Mobile Association of India.

And the most common mode of the attacks has been phishing. Phishing has been the oldest traditional way of fooling people. Criminals believe deception and create a way of urgency to realize success with their phishing campaigns. Crises equivalent to the coronavirus pandemic (current scenario) provide those criminals an enormous chance to lure victims into taking their phishing bait.

Of the 50,000-plus fake login pages the company monitored, the top brands attackers used were those of leading e-com sites and payment gateways.

So here’s all that you need to know about Phishing!

“Phish” is pronounced similar to its spelling, that is to mention just like the word “fish” — the analogy is of an angler throwing a baited hook out there (the phishing email) and hoping you bite.

Phishing is a  sort of social engineering where an offender sends a deceitful (“spoofed”) message designed to trick a personality’s victim into revealing sensitive data to the attacker or to deploy malicious code on the victim’s infrastructure like ransomware.

It starts with fraudulent mails, messages, and links that are designed to lure a victim.The message is created to appear like it comes from a trustworthy sender.

It depends on the intention of the attacker, generally they’re happy with credit card and other financial details to urge monetary benefits, the other is a lot of people who plan/target specific companies then they aim at unknown staff and then the login credentials and other important details satisfies them. Cybercrime attacks such as advanced persistent threats (APTs) and ransomware often start with phishing.

Kinds of phishing attacks

  • Deceptive Phishing
  • Spear Phishing
  • Whaling
  • Pharming

There may be N number of security options but the only way to safeguard yourself is:

Educate: Educating the employees regularly about such techniques in case of organizations and for the general public spreading awareness through numerous social mediums.

Security Technology: No single cybersecurity technology will forestall phishing attacks. Instead, organizations should take a bedded approach to scale back the quantity of attacks and reduce their impact after they do occur. Network security technologies that ought to be enforced embrace email and net security, malware protection, user behavior monitoring, and access control.

Remaining Cautious is the only way apart from all the layered security levels against the attacks.

“Humans Err, that’s why Hackers always win.”