In this article, we will continue discussing one of the most common types of cyberattack: phishing. Phishing is a set of techniques that aim to deceive a victim and gain their confidence by impersonating a trusted person, company, or service (impersonation of a trusted third party). The impersonator is called a phisher. The goal is to manipulate the victim and make them perform actions they should not perform (revealing confidential information or clicking on a link).

 

Types of phishing

Types of phishing

Email phishing

Most of these phishing messages are sent via spam. They are not personalized or targeted at a specific person or company; their content varies depending on the phisher’s target. Common phishing targets include banks and financial services, email and cloud productivity providers, and streaming services.

Voice phishing

Voice phishing is the use of the telephone to carry out attacks. Attackers use VoIP (Voice over IP) technology to make numerous fraudulent calls cheaply or free of charge to obtain codes, passwords, or bank details from the victim, who is often unsuspecting

SMS phishing

Smishing is a form of phishing in which mobile phones are used as the attack platform. Smishing attacks typically invite the user to click on a link, call a phone number, or contact an email address provided by the attacker via an SMS message—the criminal attacks in an attempt to obtain personal information, including credit card or social security numbers.

Page hijacking

It is achieved by creating an illegitimate copy of a popular website where visitors are redirected to another website when they log on.

Calendar phishing

Calendar phishing is when phishing links are delivered via calendar invitations. Calendar invitations are sent that, by default, are automatically added to many calendars.

 

Kartos by Enthec helps you locate active phishing campaigns

Kartos Corporate Threat Watchbots is the monitoring and cyber surveillance platform developed by Enthec for the protection of organizations. Among its capabilities, the real-time location of active phishing campaigns with the usurpation of corporate identity and their monitoring until they are entirely deactivated stand out. Contact us for more information on how Kartos can help you protect your organization against phishing and other threats.