Drag

Kontaktirajte nas

Awesome Image Awesome Image

Cyber security 2023

What is phishing?

Writen by Marija

comments 0

Phishing is a type of online scam where attackers attempt to obtain sensitive information such as usernames, passwords, credit card information, and other personal information. This form of attack is quite common and can affect both individuals and businesses. In this article, we will explain what phishing is, who does it, who the victims are, some well-known examples of successful phishing attacks, and how companies can protect themselves from such attacks.

Phishing attacks are carried out by criminals who want to obtain sensitive user data. These can be individuals or groups acting independently or within organized criminal groups. Attackers use a variety of techniques to carry out phishing attacks, including fake websites, emails and even phone calls.

Fraudsters usually pose as trustworthy companies or organizations and then send users fake messages that try to trick them into clicking on links or downloading files. When a user does this, their data can be stolen or malware can be installed on their computer.

Anyone who uses the internet – from individuals to companies and organizations – can be victims of phishing attacks. Attackers often target users who have access to financial assets or sensitive information. However, less protected users, such as the elderly or those who are not web-savvy, can also be victims.

Examples of successful phishing attacks

In one of the largest cyber hacks in history, the 2013 Yahoo attack, the data of 3 billion users was stolen. The attackers gained access to usernames, passwords, phone numbers and other personal data. The consequences of this attack were far-reaching, with many users falling victim to identity theft and financial fraud.

In the 2013 attack on Target, attackers stole information on 40 million credit card customers of the American retail chain Target. The attackers gained access to the data with the help of malicious software, which they installed on the sales terminals in the stores. The consequences of the attack were enormous, with many customers suffering financial losses and Target suffering a huge loss of reputation and trust.

In 2016, an employee in the finance department of the Austrian company Fischer received an email purported to be sent by the company’s director, Walter Stephan. The employee then transferred almost 50 million euros to the cybercriminal’s bank account. The company was able to recover about 10 million euros when other employees realized that the fraud had been carried out – and the rest of the money was lost.

In 2017, authorities in Lithuania arrested a man named Evaldas Rimasauskas. The charge for which he was arrested was quite extraordinary: for several years he allegedly sent fake invoices to large companies, including Google and Facebook, stealing more than 120 million dollars. In large companies, finance departments handle thousands of transactions a day.

That is why it is easy for someone not employed by the company to forward an invoice that looks the same as everyone else’s – and get paid into their bank account. The authorities were able to recover about half of the money lost to the fraud, but the attack is a real demonstration of how important it is that employees in finance departments receive proper training to identify fake emails.

The protection of the individual is very important

The first step is for all of us to educate ourselves on how to identify fake emails and websites and how to act if phishing is suspected. It is important not to respond to suspicious messages and to never enter your personal information on a site you do not trust.

Another way to protect against phishing is to use an antivirus program and a firewall. These programs can prevent malware from entering your computer and alert you to suspicious activity.

In addition, you can also use two-factor authentication, which requires an additional level of verification of your identity when logging into your account. This can prevent an attacker from accessing your account even if they manage to steal your password.

One should always be alert and cautious when using the web. If you have received a suspicious email or notification, please contact the company or organization directly to verify that the message is genuine. This will reduce the chance of becoming a victim of a phishing attack.

In this way, you will also protect your company.

Tags :

Close Popup

We use cookies on our site for the proper functioning of the site and recording of site visits. By agreeing, you allow us to use cookies.

I accept Options
Privacy center Cookies
Close Popup
Privacy Settings saved!
Privacy settings

When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. You can control your personal cookie settings here.

Types of cookies Privacy center Privacy policy Cookies
Recommended cookies
Cookies that the website needs for its normal operation.
  • wordpress_gdpr_cookies_declined
  • wordpress_gdpr_cookies_allowed
  • wordpress_gdpr_allowed_services
Analytical cookies
Cookies that the website needs for the purpose of analyzing the visit and user behavior.
  • _ga_6DLSMDWKK7
  • _ga
Decline all services
SAVE
Accept services