In today’s techy world phishing attack and
cyber-attack are very common, these are the type of social engineering attack which
appears to be normal and hard to recognize at times. These social engineering
attacks have many techniques to obtain personal information, computer systems,
technology-dependent enterprises and networks information from users. As
technology is becoming more advanced and more convenient it’s also giving an
opportunity to attackers to create many ways to perform social engineering
attacks. Below are the types of attacks
Types of Attack:
Gathering sensitive information: This kind of messages and calls aim to trick
the user into revealing sensitive information that the attacker can use to
breach a computer system or account. The usual version of this scam involves
sending out an email or calls from a major company by spamming out the emails, messages
or calls to a bunch of people assuming
that the recipients will be the employee or company of that company.
Malware: Like a great deal of spam, these
sorts of phishing messages plan to get the casualty to taint their own
particular PC with malware. Regularly the messages are “delicate focused
on” — they may be sent to an HR
staff member with a connection that implies to be an occupation searcher’s
resume, for example. These connections are regularly. compress records, or
Microsoft Office reports with pernicious inserted code.
Internet Based Delivery: it’s one of the most sophisticated
phishing techniques, the hacker is trying to steal information through the original website and the phishing system and
the Phisher trace the information during the transaction between the authentic
website and the user and user will not be knowing about it.
Internet phishing can be prevented by
various steps and employee should be educated:
An employee should be trained by the learning
center over the use of outside URL and look carefully for misspelling or other
Provide your username
password only over to a secure connection. Make sure the ”https” prefix
before the site URL.
A message from the official company or
organization, such as banks or another online shopping site, airlines. Even internal messages from your own
office. It’s simply not that hard to fabricate a fake letter that looks like a
In the office computer or laptop, the user should not be given admin
rights. And they should have limited access to online sources as they might download some Malware from the internet.
The IT policy of the company should be in such a way that the employees need to change their passwords periodically
and there have to be some unique
characters to be followed by the employees every time when they change the