Typical attack techniques

Phishing

  • Phishing is the practice of sending fraudulent communications that appear to come from a legitimate and reputable source.
  • Spoofing social-engineering attacks are often delivered by email, phone, text, etc. to obtain victims’ access credentials, including login details, credit/debit card numbers, and so on.

How to detect

  • URL typosquatting: URL hijacking (look-alike misspellings of a legitimate domain) and prepending (extra characters added to the front of the legitimate name).
  • Differences from the legitimate site: spelling, fonts, design, etc.
  • Pretexting: attackers lie to the victim, inventing a situation to extract information.
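The URL checks above are easy to automate. The following is an added example (not part of the original notes): it takes a URL, extracts the hostname, and compares it against a constructed allow-list of legitimate domains to flag prepending and typosquatting. The allow-list, the sample URLs, and the two-character edit-distance threshold are assumptions chosen for illustration; the "legitimate name used as a leading subdomain" case is an extension beyond the note's definition of prepending. The registrable-domain helper is a naive last-two-labels approximation; production code should use a public-suffix list.

```python
from urllib.parse import urlparse

# Constructed allow-list of domains treated as legitimate (assumption for the example).
KNOWN_DOMAINS = ["paypal.com", "microsoft.com", "example-bank.com"]

# Maximum edit distance at which a domain is considered a look-alike (assumption).
MAX_EDIT_DISTANCE = 2


def hostname_of(url: str) -> str:
    """Lower-cased hostname of a URL; a bare 'host/path' is accepted by assuming http."""
    if "://" not in url:
        url = "http://" + url
    return (urlparse(url).hostname or "").lower().rstrip(".")


def registrable_domain(host: str) -> str:
    """Naive registrable domain: the last two labels ('login.paypal.com' -> 'paypal.com')."""
    labels = host.split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host


def levenshtein(a: str, b: str) -> int:
    """Plain edit distance (insert / delete / substitute), used to spot misspellings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(url: str) -> tuple[str, str]:
    """Return (verdict, matched_domain) for a URL.

    verdict is one of: 'legit', 'prepending', 'typosquat', 'unknown'.
    """
    host = hostname_of(url)
    reg = registrable_domain(host)

    # Exact match on the allow-list: the link really points at a known domain.
    if reg in KNOWN_DOMAINS:
        return ("legit", reg)

    for known in KNOWN_DOMAINS:
        # Prepending: characters stuck in front of the legitimate name ('ppaypal.com'),
        # or the whole legitimate name used as a leading subdomain of another domain
        # ('paypal.com.account-verify.example').
        if reg.endswith(known) or host.startswith(known + "."):
            return ("prepending", known)

    for known in KNOWN_DOMAINS:
        # URL hijacking / typosquatting: a small number of edits away from a known name.
        if 0 < levenshtein(reg, known) <= MAX_EDIT_DISTANCE:
            return ("typosquat", known)

    return ("unknown", reg)


def scan(urls: list[str]) -> list[tuple[str, str, str]]:
    """Classify every URL; returns (url, verdict, matched_domain) per entry."""
    return [(u,) + classify(u) for u in urls]


# Constructed sample links, the kind pulled out of a suspicious email body.
SAMPLE_URLS = [
    "https://login.paypal.com/signin",
    "https://paypal.com.account-verify.example/login",
    "http://ppaypal.com/",
    "paypa1.com/secure",
    "https://mircosoft.com/update",
    "https://www.wikipedia.org/",
]

if __name__ == "__main__":
    for url, verdict, match in scan(SAMPLE_URLS):
        print(f"{verdict:10s} {url}  (matched: {match})")
```

Anything other than "legit" is worth a closer look; "unknown" simply means the domain is not on the allow-list and not close to anything on it, so the list needs to be maintained for the checks to stay useful.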

Some types of phishing

Pharming

  • Uses a poisoned DNS server or a client-side vulnerability to redirect requests for a legitimate site to a bogus site.
  • Harvests large groups of people at once.
  • Difficult for anti-malware software to stop.

Target-based

  • Phishing: no specific target; general and less believable.
  • Spear phishing: a type of phishing that targets specific individuals; more believable.
  • Whaling: a form of spear phishing that targets high-ranking victims within a company.

Different bait

Vishing

Voice phishing is done over the phone or voicemail with some common situations:

  • Spoofing caller ID.
  • Fake security checks or bank updates.
  • Spoofing government agency.

Smishing

SMS phishing is done by text message with some common situations:

  • Forwards links or asks for personal information.
  • Credit offers and loans.
  • Profitable investment opportunity.
  • Call for charity.

Scam

  • Fake check or phone verification code scam.
  • Advance-fee scam.

Finding the best spot for phishing

  • Reconnaissance.
  • Background information.
  • Build a believable pretext from the information gathered above.

Impersonation

  • Attackers pretend to be someone they aren’t, using details gathered during reconnaissance.
  • Attackers pose as someone higher in rank than the victim.
  • Throw lots of technical details around to sound credible.

Eliciting information

  • Extract information from victims.
  • Vishing (voice phishing) is seen regularly.
  • These are well-documented psychological techniques.

Identity fraud

  • Your identity can be used by others so you should keep personal information safe.
  • Attackers can get your identity to open an account in your name or to use your credit card information (credit card fraud).
  • Attackers gain access to your account or open new accounts (bank fraud).
  • Your information is used for loan or lease (loan fraud).
  • Attackers obtain benefits on your behalf (government benefits fraud).

How to protect

  • Never volunteer information.
  • Don’t disclose personal details.
  • Always verify before revealing details.
  • Verification should be encouraged, especially for valuable information.
