Let us learn some types of phishing scams.
Phishing Scams :
(1) Malware-based Phishing :
- Malware-based phishing scam are the type of Cyber attack that use Malware to deceive victim.
- Malware is a type of software designed to harm or exploit any device it infects.
- In this attacker use phishing technique to spread the malware to the victim device, by impersonating themselves as legitimate person in the phishing message that leads them to cyber attack.
(2) Keylogger Phishing :
- Keylogger fishing scam is a type of Cyber attack that use keylogger to steal sensitive information from the victim.
- Keylogger is type of software that record every keystroke made on the device by the user or victim, such as password credit card number and other sensitive data.
- In keylogger phishing scam, the attacker use phishing technique to trick victim into downloading keylogger on their device to access their credentials.
(3) Session Hijacking Phishing :
- Session hijacking phishing scam is a type of cyber attack that use session hijacking to deceive the victims and steal their credentials.
- Session hijacking is a technique in which the attacker take over a users internet and can do anything the user could on the site.
- In this type of scam the attacker use phishing technique to steal the victims session ID or session cookie (important files) from the victims browser.
(4) In-session Phishing :
- In-session phishing is a type of phishing attack that targets the users who are already logged into a website.
- In this type of scam, the attacker use popup windows to deceive victim, that appears to be legitimate part of the website, to lure user to enter the website.
- Once the user enter the fraud website the attacker can steal the uses credentials and use them to access the users account.
(5) Web Trojans :
- A web trojan phishing scam is a type of cyber attack that use trojans to deceive the victim.
- A trojan is a type of Malware that disguises itself as a legitimate software to trap the victims.
- In this type of scam the victims credential are accessed by the attacker when they are attempting to log in into a fake website.
(6) Pharming :
- Pharming is type of online scam where does cyber criminals manipulates a website and lure the uses to a fake website that look like original one.
- The ultimate purpose or goal of the pharming is to steal the confidential information such as passwords, social security numbers, account number and other sensitive data from the user.
(7) Man-in-the-middle Phishing :
- Man-in-the-middle phishing attack is a type of phishing attack where attacker interrupt the communication between the user and the website they are trying to access.
- The attacker then pass the user’s information to the website and vice versa, making the user believe that they are communicating directly with the website which is fake.
- The attacker can then steal the user’s personal information such as login credentials, credit card details, and other sensitive information.