What is Phishing?
Phishing is a cybercrime which involves the stealing of sensitive, confidential information. This includes credit card details, usernames and passwords. Attackers would masquerade as a credible establishment, tricking victims into keying in personal information on a fake website or opening a malicious link that would instantly install a malware on the device.
How Does Phishing Work?
Phishing attacks often take place in the form of emails, instant messages and text messages. It involves users clicking on a manipulated link. The forged URL and website would look almost identical to the legitimate website.
Unsuspecting victims often suffer monetary losses. Phishing attacks result in a loss of USD 17,700 per minute, according to CSO Online.
Types of Phishing Attack
Spear Phishing: Spear phishing is targeted towards specific individuals or organisations. Attackers have in-depth understanding of the company prior to the execution of the attack. Victims are usually duped into revealing their login credentials. There is a high level of social engineering involved in successful attempts.
Whaling: These attacks are directed at senior executives and/or high-profile members within an organisation. The fraudulent content would appear as though it came from the senior management such as the CEO and the victim is required to act upon a request. Whaling exploits trusted relationships within an organisation to achieve access to privileged information.
Clone Phishing: Such attacks involve imitating a legitimate email that was previously sent out. Attackers would modify the email’s links or attachments with a malicious version. The email is then sent out with a spoofed email address, to trick victims into thinking that the email came from the original sender.
How Polaris Safeguards Your Web Application
- Phishing: Polaris can detect any phishing attempts that try to replicate your website’s contents or URL.
- Leaked Data: Polaris provides leaked data detection from a diverse pool of threat intelligence feeds.