Class : bsc 2nd year
Subject: computer network and information security
Subject type: major 1
Compiled by: Asst. Prof. Vibha barod
What is Phishing?
Phishing is a cyberattack where attackers use fake messages or websites to trick victims into giving away sensitive information. It works like "fishing," using bait to lure targets into clicking harmful links or entering confidential data.
Goal: steal sensitive info (passwords, credit card details, SSNs, DOB).
Attackers impersonate trusted brands or services.
Most phishing happens through emails that look genuine.
🎯Types of phishing attack
1. Email Phishing
Mass emails sent to many users.
Pretend to be from banks, universities, companies, or cloud services.
Goal: click a malicious link or open an attachment.
Example: "Your account will be suspended—verify now."
2. Spear Phishing
Targeted phishing aimed at a specific person or organization.
Uses personal details (name, role, institution).
Example: Email to a PhD scholar posing as a supervisor asking for document access.
3. Whaling
A form of spear phishing targeting high-profile individuals (HODs, CEOs, administrators).
Often involves fake legal notices or financial approvals.
4. Smishing (SMS Phishing)
Phishing via SMS/text messages.
Contains malicious links or fake OTP requests.
Example: "Your KYC is blocked. Update immediately: "
5. Vishing (Voice Phishing)
Phishing through phone calls.
Attackers impersonate bank officials, police, or tech support.
Example: Asking for OTP or card details during a call.
6. Clone Phishing
A legitimate email is copied and resent with a malicious link or attachment.
Claims to be a "resend" or "updated version."
0 comments:
Post a Comment