Phishing is the attempt to obtain confidential and personal information, including a user name, password or bank card details from an individual through deceiving them into believing that they are communicating with a trustworthy or reliable source.
Phishing attempts are carried out through email spoofing where the email appears to be from one source, however, is actually from another and directs the user or recipient to enter personal information within an apparently legitimate website such as a bank, online payment processor, social media website, however, is actually fake.
There are various forms of phishing and these are explained further below
Spear phishing relates to the attempt to phish information from specific individuals or a specific company.
These types of phishing attacks often gather personal information about their target in order to increase their likelihood of success.
As an example, the phishing attack on Hilary Clinton’s email accounts during the 2016 Presidential campaign including attacks on 1,800 Google accounts using the accounts-google.com domain to deceive and threaten those targets.
Clone phishing is where a legitimate and previous email containing an attachment of link has had its content and recipient addresses taken and changed and used to create an almost identical email.
The original attachment to the phishing email is altered with a malicious version and then sent from an email address that is spoofed to appear to come from the original sender.
The user can then be directed to a malicious site containing software that may compromise the computer or request that they unwittingly complete personal details or information that may compromise their user accounts, bank details or personal records.
This phishing method can also be used to use on previously infected machine to exploit another by exploiting the trust of both parties receiving the original email.
Whaling is where a spear phishing attack is focused specifically at senior and high profile targets.
The content of the phishing email would be created to target an upper manager’s specific role, in the form of a customer complaint etc.
Those within higher positions of a company often have complete access to sensitive and commercial data.
The main aim of such a phishing target may be to obtain sufficient information from the target to allow for the computer system to become infiltrated or to manipulate the victim into authorising high value money transfers to the attacker.
Given that they are specifically targeted attacks, whaling attacks are often more difficult to detect and prevent than standard phishing attacks.
The attacker may send the target an email purporting to be from a trusted source that directs them to a customised malicious website created specifically for the phishing attack that may include the target’s name, job title etc obtained from different sources to provide validity to the site and to make it more likely that the requested information is entered.
In other cases the phishing attacker can send an email purporting to be from a higher level officer to another employee in an attempt to convince them to complete a financial transfer.
Phishing most often uses a form of technical deception to make a link in an email appear to be from a legitimate organisation or individual.
In order to do this type of phishing, the company url may be miss-spelled or slightly different from the actual address.
It is also common for the displayed text in a phishing email to relate to a reliable site, yet, when selected by the user, the hidden text actually directs the user to a different website where the deception can take place and required information obtained through appearing to be legitimate.
About Athena Forensics
For information on our digital forensic services or if you require any advice or assistance please contact a member of our team on 0845 882 7386 or via email on firstname.lastname@example.org, further details are available on our contact us page.
Our client’s confidentiality is of the utmost importance. All correspondence is treated with discretion, from initial contact to the conclusion of any computer forensics investigation.
Our digital forensics experts are fully aware of the significance and importance of the information that they encounter and we have been accredited to ISO 9001 for 10 years.
Our forensic experts are all security cleared and we offer non-disclosure agreements if required. Our premises along with our security procedures have been inspected and approved by law enforcement agencies.
Athena Forensics do not disclose personal information to other companies or suppliers.