About Phishing | Review

Phishing - is a widespread method of cyber attack, it can be found in all social media and personal messages, the main goal of the attack is to trick the victim into obtaining information through the unconscious action of the victim.

Basic elements used by hackers in phishing attacks.

There are several phishing methods, such as:
Phishing by e-mail
Phishing with a social network
Phishing with a mobile device
Phishing website cloning

Phishing e-mails are frequent with the following method, a message arrives as if money should be transferred to our bank account, and we give them our data without thinking, as if we had a relative abroad who "died" and we need to transfer his money, this is one of the old-fashioned methods.

Phishing through social networks, i.e. a message comes to us on the social network, as if there is a lottery and we have to vote for a person, then we go to this page and enter our name and password on the site to vote... but at the same time, we are sending our own data to the hacker.

Phishing with mobile devices, there are two types, first for example we receive a text message to a mobile number to go to a link and perform a certain operation that will produce some result, but here everything is fake, just like during other phishing campaigns.
And the second category of phishing, where we are told to download a file from a link specified in a mobile device or computer and open it, but when we open the file, nothing happens, because in fact hackers build malicious codes in the files, which contain different categories of viruses, such as: stealer, rat, Trojan, Rootkit, Graber and so on.

Phishing by cloning, this is one of the strongest phishing methods, hackers mainly clone the standard original site, i.e. they write the details of the original site back and font, i.e. the codes that the site consists of, then they reach the original website and paste it (Shell - admin) Privilege taking, code execution) and put their cloned same site on the hacked site, when the victim enters the site, he does not realize that it is fake, because the SSL certificate is visible, and when the data is entered by the victim, the site is redirected (i.e. redirecting to the original website) and the victim cannot choose that the data was inadvertently sent to someone else.

Phishing is difficult to distinguish nowadays because it looks so similar to the real thing, the only way to protect yourself from it is to be careful in the Internet space.

- Do not go to links that do not have a high level of encryption (SSL Cert).
- Don't trust messages sent by someone else if you don't know them personally. But if you know him and he sends you a dangerous link, avoid it, because it is possible that he is already a victim of a phisher.
- Do not believe if you are promised financial or other benefits by clicking on any link, voting or any similar operation.
- Activate the 2-step authentication method on all social networks or Internet profiles.

This is the basic principle that you need to know when you are on the Internet and to protect yourself from phishing and other cyber attacks.