In recent years, the use of the Internet and the smart and digital world has increased a lot. So that nowadays the simplest human tasks can be done in a few seconds using the internet and a simple mobile phone; But this digital world, along with the unique possibilities for more well-being, comes with disadvantages and risks such as phishing attacks or cyber threats.
Phishing is known as one of the most dangerous cyber attacks in the world and can be a serious threat to various issues such as career, reputation and capital. In this content, we provide a complete description of phishing attacks and ways to identify and deal with them. To know more information in this field, stay with us until the end of this article.
What is phishing?
Before you want to get acquainted with ways to identify and deal with phishing; It is better to know the exact meaning of this dangerous attack.
“Phishing is known as a type of cyber attack and it gains access to a person’s information by sending SMS, email or Gmail. Of course, phishing attacks will be successful when the target person, after sending SMS from these people, trusts them and provides them with their information.”
All the actions of those who commit the crime of phishing are based on deceiving people. They send various tasks such as designing logos of reputable banks, providing information related to bank account problems, etc. in the form of e-mail or SMS to the target person and request him to click on the link sent to get the solution to the bank problems. Lottery prizes and… take action.
Unfortunately, those who click on the sent link and register their information on the desired site; information is dumped and all their information is available to phishing attackers.
Studies show that most phishing attacks are due to receiving financial information; But along with financial information, a lot of personal data is sent to phishing attackers.
What is the difference between phishing and farming?
Although phishing and pharming are both known as a type of cyber attack, they have many differences. The first difference between a phishing attack and a farming attack is in the type of information dump.
In phishing attacks, attackers try to communicate with a person through electronic communication, such as sending SMS, email, etc., and receive his information after building trust; But in farming, more advanced information dumping is done and the attacker collects the individual’s information by creating a fake website and transferring the user to it.
In a phishing attack, the attacker tries to send an SMS or email that contains a link to the addressee; However, in a farming attack, the attacker tries to redirect users from the original and secure site to their fake site by poisoning the DNS and take over the person’s information.
Types of phishing
Phishing, like many cyber attacks, is classified into different types. Phishing is usually categorized based on the type of attack the attacker is aiming for. Its types are:
spear phishing
Spear phishing is usually done with the aim of deceiving a person or organization. In order for the attackers to carry out the attacks with a spear method; They should file a case by collecting various information from the person or organization in question.
Finally, according to the information they have obtained from the organization or the person in question; They set up an SMS or an email that the person forcibly clicks on the desired link to solve his problem and the phishing operation is carried out. The time-consuming and difficult nature of gathering information about an organization or person for filing has caused this type of phishing to be considered one of the most complex types of cyber attacks.
cloning (clone phishing)
Simulation phishing or clone phishing is one of the most widely used types of phishing that usually most people are deceived and fall victim to this cyber attack due to not having enough information in this field. In phishing, attackers try to trick the target user by mimicking authentic emails. Actually, they copy the text of a valid email and send it to the person with a new email.
Imagine you are using a reliable site to buy recharge or internet. Suddenly, a message similar to the previous messages will be sent to you, which contains a link, and you will be asked to use this link from now on to buy recharges, etc.; Because the previous link has expired.
You, as a normal user, are definitely not aware of this cyber attack, and after clicking on the link and registering your bank information in Ping, your information will be dumped or you will be subjected to a phishing attack.
whaling
Walling or whale fishing is often included in the category of spear fishing or spear fishing; Because for cyber attacks in this way; There is a need to collect information and file; But whale phishing is usually done for financial scams or personal information from people who are interested because of high capital or special position. Many government officials and managers of various industries are drained of information due to this method.
the watering hole
In watering hole phishing, the attacker spends some time investigating and collecting information about the most sites that the targeted person visits during the day; will pay. Finally, the attackers of cyber attacks send malicious scripts to those sites, infecting them and draining the information of the target person.
What are the methods of dealing with phishing?
Unfortunately, most of those who are attacked by attackers do not have enough information in this field. Based on this, it is better to prevent this threat by learning ways to deal with phishing.
Some methods of dealing with phishing are:
- To deal with phishing on all your smart devices, such as mobile phones, laptops, etc., use strong antiviruses.
- Prevent unauthorized messages from being sent with the help of email spam filters.
- Avoid clicking on pop-up ads.
- Do not use your email to send financial information such as card number, initial card password, second password, card date, etc.
- from clicking on links that are sent to you by personal and suspicious accounts; avoid
- If an e-mail sends you a warning from banks and institutions, do not follow it and be sure to visit the branches of banks and institutions to check the warnings.
Be aware that one of the best ways to protect yourself after being caught in a cyber attack is to contact a computer crime attorney. Because these lawyers are well aware of the laws and will recover your rights as soon as possible.
What is the penalty for phishing?
As mentioned above, phishing is a type of internet fraud that a person can access the user’s personal or banking information by setting up non-authentic pings and steal, threaten and defraud that person. In Iranian law, phishing is considered a crime and is punishable.
“According to Article 1 of the Subsidized Crimes Law, if a person attempts to access and collect confidential personal information, he will be sentenced to 3 to 12 months in prison or 500 to 2 million fines. Also, according to Article 13 of the Subsidized Crimes Law, if a person gains access to a person’s confidential information, in addition to returning the information and property, he will be sentenced to one to five years in prison or a fine of 2 to 10 million.”
Conclusion
In the above article, we explained comprehensively what phishing is and what punishments the attackers face. As you know, by carrying out this cyber attack, attackers can cause a lot of financial and personal losses to you dear ones; So; It is better to consult with experts to file a complaint against the attackers immediately after the information has been leaked or threatened.
Getting help from a criminal lawsuit lawyer can speed up legal work and increase your chances of success in these lawsuits. Dadista Law Firm consists of seasoned lawyers and experienced and expert legal advisors who can guide you in this direction and increase the probability of trapping cyber attackers.