What does “Phishing” mean?
Phishing is the attempt to obtain sensitive information such as usernames, passwords and credit card details (and, through them, money) by posing as a trustworthy entity in an electronic communication, most commonly an email. It is almost always done for malicious reasons.
Wait, what does that mean?
An example explains this best. Imagine you receive an email from a service you are signed up for, e.g. Uber. The email asks you to update your personal information and provides a link to click. Following the instructions, you click the link and land on a page that asks you to enter personal information, e.g. your username, password or a new payment method. After you submit the form nothing visible happens, you carry on with your day, and it may take days or weeks before you notice strange charges on your credit card. That is when you realise your card details have been used by someone else.
Another type of phishing attack does not need a fake form at all: the link delivers malicious code instead. Remember the link you clicked in the example email? This time you click it and nothing appears to happen. The click has started a script or download running in the background, with nothing changing on your screen. That code may attempt to copy and send your cached usernames, passwords or saved card details. In both scenarios the email was a fraud. Uber did not send it; someone pretending to be Uber did.
What does Phishing look like in the wild?
Above is a real-life instance of the fake Uber email we discussed. I have not been scammed myself, but unfortunately a co-worker of mine was the victim. She received an email which she thought came from Uber telling her to update her information (it is in Spanish because that is how her language preferences are set).
The email above translates to:
The following information from your Uber account was recently updated:
– phone number
If you did not make this change or need help, visit:
Click Me Link
At first glance the email seems legitimate, and because you probably did not change your information recently, a notice that someone else did is very convincing: it creates urgency to act. Most people would click, because everything looks perfect. Well, except for one thing. So, what is it?
After further analysis of the provided link, I noticed that the link is not secure, i.e., it uses the HTTP protocol, not HTTPS. What are HTTP and HTTPS? The Hypertext Transfer Protocol (HTTP) is an application protocol for distributed, collaborative, hypermedia information systems and the foundation of data communication for the World Wide Web. Hypertext is structured text that uses logical links (hyperlinks) between nodes containing text. HTTPS (also called HTTP over TLS, HTTP over SSL, or HTTP Secure) is HTTP carried over an encrypted, authenticated connection and is widely used on the Internet. You can find out more about both in the Wikipedia articles on HTTP and HTTPS.
Whenever you type a URL into your browser to visit a major service provider, e.g. Facebook, Twitter or Instagram, a lock icon appears in the address bar. It means that the connection between you and the service is protected with HTTPS. HTTPS is the protocol your browser and the server hosting the service use to talk to each other, and it provides confidentiality (nobody on the path can read the traffic), integrity (nobody on the path can alter it) and server authentication (the certificate proves you are talking to the domain shown in the address bar). Some websites, usually blogs and other small web services, still use plain HTTP. In that case the connection is not protected, and any security expert would advise you not to enter login details or share other personal information there. Over HTTP, anyone who can see the traffic can intercept it with techniques called sniffing or man-in-the-middle attacks and collect everything exchanged between your browser and the service.

The lock has an important limit, though: it only vouches for the domain name that is actually in the address bar. It does not tell you whether that domain belongs to the company the email claims to be from. Attackers routinely register look-alike names (uber-account.example, uber.com.something.example, or names using characters that resemble Latin letters) and obtain perfectly valid certificates for them, so many phishing pages today show the lock as well. A plain-HTTP link is a red flag, but an HTTPS link is not proof of legitimacy: the name in front of the first single slash is what you must check, and it has to be the real service's own domain.
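The checks described above can be done mechanically before anyone clicks. The following Python script is an added example written for this page, not code from the original post or from Uber. It assumes the legitimate domain is uber.com, uses constructed sample links (reserved .example names and a documentation IP address, none taken from a real message), and goes a little beyond the paragraph by also flagging the user@host trick, bare IP hosts and punycode labels. Its two-label "registrable domain" helper is a simplification of what the Public Suffix List provides.

```python
from urllib.parse import urlparse

# Constructed sample links of the kind a phishing email might carry.
# None of these are taken from a real message; the .example domains
# and the 192.0.2.x address are reserved for documentation.
SAMPLE_LINKS = [
    "https://www.uber.com/account/",                  # under the expected domain
    "http://uber.com.account-update.example/verify",  # brand used as a subdomain of another domain, plain HTTP
    "https://uber-account-verify.example/login",      # brand name inside a domain the brand does not own
    "https://uber.com@evil.example/login",            # "uber.com" is userinfo; the real host is evil.example
    "https://192.0.2.10/uber/login",                  # bare IP address instead of a hostname
    "https://xn--ber-goa.com/",                       # punycode label; may render as non-ASCII text resembling the brand
]


def registrable_domain(host: str) -> str:
    """Return the last two labels of a hostname, e.g. 'www.uber.com' -> 'uber.com'.

    Simplification (assumption of this example): correct for two-level suffixes
    such as .com and .net. A production tool should consult the Public Suffix
    List so that names like 'example.co.uk' are handled correctly.
    """
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def inspect_link(url: str, expected_domain: str) -> list:
    """Return warnings about a link that claims to belong to expected_domain.

    An empty list means none of the checks fired; it does not prove the link is safe.
    """
    warnings = []
    parsed = urlparse(url)
    host = (parsed.hostname or "").lower()

    # 1. Transport: plain HTTP gives neither confidentiality nor server authentication.
    if parsed.scheme != "https":
        warnings.append("scheme is %s, not https" % (parsed.scheme or "missing"))

    if not host:
        warnings.append("no hostname in URL")
        return warnings

    # 2. userinfo trick: "https://uber.com@evil.example/" connects to evil.example.
    if parsed.username is not None:
        warnings.append("URL contains a user@ part; the real host is " + host)

    # 3. Who owns the name the browser will actually connect to?
    if host.replace(".", "").isdigit():
        warnings.append("host is a bare IP address, not a name under " + expected_domain)
    elif registrable_domain(host) != expected_domain:
        warnings.append("host %s is not under %s" % (host, expected_domain))
        # Brand name inside a domain the brand does not control: a classic look-alike.
        brand = expected_domain.split(".")[0]
        if brand in host:
            warnings.append("brand name '%s' appears in a domain that is not %s" % (brand, expected_domain))

    # 4. Internationalised labels can render as look-alike characters in the address bar.
    if any(label.startswith("xn--") for label in host.split(".")):
        warnings.append("host contains a punycode (xn--) label; check how the browser renders it")

    return warnings


def triage(links, expected_domain):
    """Map each link to its warnings; convenient for scanning every URL in a message."""
    return {url: inspect_link(url, expected_domain) for url in links}


if __name__ == "__main__":
    for url, warns in triage(SAMPLE_LINKS, "uber.com").items():
        print("OK        " if not warns else "SUSPICIOUS", url)
        for w in warns:
            print("    -", w)
```

Run stand-alone, the script prints one line per sample link; only the link whose host is actually under uber.com comes out clean. Note that the HTTP check is only one of the four signals, and that a link can pass all of them and still be malicious, which is why the result is a list of warnings rather than a safe/unsafe verdict.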
Now that we understand what phishing is, let's see how big a problem it is and who is most likely to fall victim.
Shocking numbers and surprising demographic trends.
The Norton Cyber Security Insights Report explores the personal impact of online crime. Its 2016 online survey of 20,907 consumers in 21 markets found that Millennials remain the most common victims of cybercrime, with 40 percent having experienced cybercrime in the past year.
The report also found that many consumers are unable to identify phishing attacks. According to the report, three in 10 people cannot detect a phishing email, and another 13 percent have to guess whether a message is real or phishing, meaning four in 10 are vulnerable. The report expects phishing scams to remain a popular tactic for cybercriminals. Eighty-six percent of people said they may have experienced a phishing incident. Most people are not truly sure how to tell a real email from a fake one. Only half go about it the right way, checking whether the email asks them to take a compromising action such as downloading an attachment or sharing a password. Thirteen percent of respondents did take a compromising action, such as replying with personal details or clicking links.
Survey dataset info: The U.S. sample reflects input from 1,002 U.S. device users ages 18+. The margin of error is +/- 3.1% for the total U.S. sample. The margin of error for the total sample is +/- 0.68%. Data was collected Sept. 14 – Oct. 4, 2016, by Edelman Intelligence.