Types of Phishing Attacks

By Sushma Chowta

In today’s era where everyone is using the Internet, the number of digital threats continues to grow exponentially. Various types of phishing activities are prevalent in the ecosystem. Listed below are a few types of phishing attacks you should familiarize yourself with and be able to recognize:

  1. Deceptive Phishing:

This is the most common kind of phishing attack. Usually, the email content is written in such a way that it looks like a legitimate email, but in actuality, the email is a deceptive email and will trick you into providing your personal information, such as your bank account number, your birthdate, your social security number, etc.

  1. Malware based Phishing:

Malware based phishing is injecting unwanted software or malware into a user’s system. This can affect the system at different levels depending on the malware. In some cases, it can corrupt a part of the operating system and randomly encrypt your files. Malware based phishing infects a smaller subsets of machines, especially the ones that have not been updated on their application and operating system patches.

  1. Keyloggers and Screenloggers:

Keyloggers and Screenloggers read the input from the user’s keyboard entries and sends it to the hacker via the Internet. This makes it easier for hackers to steal your passwords, credit card details, and other sensitive information. Hackers can embed themselves into user’s system and launch the malicious software at will.

  1. Content – Injection Phishing:

The hacker replaces a part of the actual content with masqueraded content which misleads the end user. You find this as a very standard practice in e-commerce sector where usually the payment has been camouflaged and hence the illegally huge amount of money is credited to false accounts.

  1. Data theft:

Data theft occurs when systems do not have proper protection like anti-virus, anti-malware or user access control like dual factor authentication. Such unprotected systems and systems with unprotected passwords or unsecured servers make themselves easy targets to having their confidential and sensitive data stolen, and extremely vulnerable to data theft.