when attackers send malicious emails designed to trick people into
falling for a scam. The intent is often to get users to reveal financial
information, system credentials or other sensitive data.
The term “phishing” came about in the mid-1990s, when hackers began
using fraudulent emails to “fish for” information from unsuspecting
users. Since these early hackers were often referred to as “phreaks,”
the term became known as “phishing,” with a “ph.” Phishing emails try to
lure people in and get them to take the bait. And, once they are
hooked, both the user and the organization are in trouble.
Phishing is an example of social engineering:
a collection of techniques that scam artists use to manipulate human
psychology. Social engineering techniques include forgery, misdirection
and lying—all of which can play a part in phishing attacks. On a basic
level, phishing emails use social engineering to encourage users to act
without thinking things through.
Cyber criminals use phishing emails because it’s easy, cheap
and effective. Email addresses are easy to obtain, and emails are
virtually free to send. With little effort and little cost, attackers
can quickly gain access to valuable data. Those who fall for phishing
scams may end up with malware infections (including ransomware), identity theft, and data loss.
The data that cybercriminals go after includes personal
information—like financial account data, credit card numbers and tax and
medical records—as well as sensitive business data, such as customer
names and contact information, proprietary product secrets and
Cybercriminals also use phishing attacks to gain direct access to
email, social media, and other accounts or to obtain permissions to
modify and compromise connected systems, like point-of-sale terminals
and order processing systems. Many of the biggest data breaches—like the
headline-grabbing 2013 Target breach—start with a phishing email. Using
a seemingly innocent email, cybercriminals can gain a small foothold
and build on it.
What is a Phishing Email?
The tips you should follow to avoid Phishing Emails.
1. Don't Always Trust the Display Name
2. Don't Respond and Don't Click
3. Pay Attention to Poor Grammar and Punctuation
4. Closely Review the Email Signature
5. Avoid Emails Demanding an Urgent Response
6. Don't be Fooled by Short Links
7. Pass Up That Irresistible Offer
8. Don't be Immediately Pushed to a Website
9. Never Provide any Personal Information
10. Look for an External Message Alert
Recent updates on DevOpsPal
Follow us of social for latest updates.
Links to get started.