PHISHING ATTACK (Syllabus: GS Paper 3 – Cyber Security)

Context: Verizon Business, a New Jersey-based provider of cybersecurity solutions, recently reported that India faces significant phishing attacks, with employees frequently falling victim to clicking on deceptive links or attachments, resulting in substantial financial losses.

Phishing Attack

• About: It refers to an attempt to steal sensitive information, typically in the form of usernames, passwords, credit card numbers, bank account information, or other important data to utilize or sell the stolen information.
• Trusted Sources: Attackers mimic reputable sources and make enticing requests to lure in victims, akin to how a fisherman uses bait to catch a fish.
• Common Examples: The most common examples of phishing are used to support other malicious actions, such as on-path attacks and cross-site scripting attacks.
• Delivery Channels: These attacks typically occur via email or instant message, and can be broken down into a few general categories.

Spear Phishing

• About: This type of phishing is directed at specific individuals or companies, hence the term spear phishing.

Clone Phishing

• About: It involves mimicking a previously delivered legitimite email and modifying its links or attached files to trick the victim into opening a malicious website or file.