Phishing is an attack where attackers trick users into clicking harmful links or directing them to a shady website. It can be conducted through text messages, social media, or phone calls, but is primarily focused on emails. Phishing emails can reach millions of users and hide among benign emails. Attacks can install malware, sabotage systems, or steal intellectual property and money. Phishing emails can target organizations of any size and type, either as part of a mass campaign or as the first step in a targeted attack, with the attacker using employee or company information to make their messages more persuasive and realistic.
general email spams targeting all individuals
personalized email spams targeting specific individuals
spear phishing techniques targeting senior executives and other high-profile individuals
is a legitimate email with an attachment or link is copied and modified to contain malicious content and then sent from a fake address made to look like it’s from the original sender
Vishing is a cyber-attack using voice and telephony technologies to trick individuals into revealing sensitive data, including personal information or business-related details, to unauthorized entities. The attackers spoof the calling phone number to appear as if it is coming from a legitimate bank or institution. In addition, the attackers will pressure targeted users into sending money immediately, either using credit cards, bank transfers, or even gift cards. Ignore calls from unknown numbers
Smishing is a phishing attack that uses text messages from a cell phone or smartphone to deliver a bait message. Victims are often asked to click a link, call a number, or contact an attacker’s email address, potentially providing private information. This difficulty is compounded on mobile devices due to limited URL display. Smishing can be just as effective as email phishing due to fast internet connectivity and unusual phone numbers.
Pharming, a portmanteau of the words “phishing” and “farming”, is an online scam similar to phishing, where a website’s traffic is manipulated, and confidential information is stolen. In essence, it is the criminal act of producing a fake website and then redirecting users to it. pharming is a type of social engineering cyberattack in which criminals redirect internet users trying to reach a specific website to a different fake site. These “spoofed” sites aim to capture a victim’s personally identifiable information (PII) and log-in credentials, such as passwords, social security numbers, account numbers, and so on, or else they attempt to install pharming malware on their computer.
Identity theft involves obtaining someone’s personal or financial information to commit fraud, resulting in unauthorized transactions and purchases. Victims often suffer damage to their credit, finances, and reputation.
ATM fraud is basically the fraudulent activity of gaining illegal access to someone’s ATM card and PIN to withdraw money from their account. Criminals install devices on ATMs to obtain/skim the card account details and record the PIN number entered by customer. This information is then used to make unlawful cash withdrawals with counterfeit cards.
Skimming is a method of obtaining personal data from ATM, debit, or credit cards while they are used at an ATM machine or a merchant location. Skimming occurs when devices illegally installed on ATMs, point-of-sale (POS) terminals, or fuel pumps capture data or record cardholders’ PINs. Criminals use the data to create fake debit or credit cards and then steal from victims’ accounts.
Shimming is a method used to capture information from chip-enabled cards and are much harder to detect because they are located inside of card readers of ATM or POS.
Cloning refers to making an unauthorized copy of a credit card.
Trapping involves hacking an ATM so that credit cards get stuck inside it. The thief then offers to help the user, asking them to re-enter their PIN so that he/she can memorize it. Then all the thief needs to do once the victim has gone is to retrieve the card from the machine.
Keyboard jamming involves criminals installing devices inside ATMs that prevent users from using key buttons, allowing them to withdraw money. If the transaction fails, the victim leaves frustrated, leading to scammers completing the transaction and stealing the money.