Phishing: what it is and how to protect yourself
Do you know what Phishing is and how it works? This type of virtual threat has become increasingly common.
That is, the practice, used by malicious people, is used to steal information from people. So, in addition to knowing what Phishing is, you also need to know how to protect yourself.
To help you, in this article we have separated a complete guide to explain what it is and how to protect yourself from this practice. Continue reading and learn more!
What is Phishing?
First of all, it is necessary to understand what Phishing is. The term arose from the similarity with the English vocabulary word, fishing. That is, the practice is nothing more than an attempt to "fish" information from a user on the internet. As in fishing, Phishing aims to obtain this information through bait.
For this, different communication channels are used, such as:
- Google search engines;
- chat from social networks such as Facebook, Instagram or WhatsApp;
- SMS messages;
But how does the practice of this virtual crime actually work? How is the victim's information stolen?
How does Phishing work?
In summary, in Phishing it uses the bait sent to the victim and, through it, collects the information. Although old, this cyber crime has developed and is much more dangerous today.
That is, the big difference is that now the fraudster has more channels of communication, and a greater ease of posing as a trusted person or company.
In most cases, a well-crafted email or message on social media is enough for the criminal to succeed in obtaining secret information.
To do this, Phishing attacks are divided into a few steps, such as: strategy planning (communication channel to be used and message elaboration):
- sending the message "bait",
- victim data collection,
- fraud, using stolen information,
- post-attack (clearing the tracks of criminal action).
In this sense, Phishing can be practiced in different ways. That is, the attempt to steal information depends, in addition to the channel, on how it is done.
With that, there are different types of Phishing. And to protect yourself, the ideal is to know which are the most common types in Brazil. Check out!
First, we have one of the most common types of Phishing. Blind Phishing consists of sending an e-mail, triggered to several recipients.
With this, the strategy is designed to reach the maximum number of people, with the expectation that some contacts will access the message.
In general, sending is done by e-mail, with links that collect user data.
Another common type is Spear. It occurs against a certain group, chosen in advance by the scammers.
For example, sending e-mails to employees of certain areas of the Government, or customers of a specific company.
In this way, the practice seeks to collect confidential information or confidential files.
Next up is Whaling. This variation aims to reach relevant people, such as high-ranking companies or state authorities.
To work, the strategy seeks to use the name of someone of relevance, such as the president of a corporation, sending the bait, for example, to those who work in that corporation.
With this, the strategy also seeks to make use of documents that convey seriousness, such as court subpoenas or company notifications.
Scam, on the other hand, seeks to target a broader group of victims, inducing people to provide personal information.
In this way, the scammer tries to collect data such as bank account numbers, credit card numbers and passwords.
For this, the bait is to forward via text message, e-mail or even via telephone, in general posing as victims' bank employees.
Finally, another very common Phishing practice is Clone phishing. Quite common, the scam occurs with the cloning of an original and secure website.
With this, the scammer seeks to attract users to collect data and information. In this sense, the most common is the cloning of shopping sites.
How to protect yourself from Phishing
Now that you know what types of Phishing are, you need to know how to protect yourself from this threat.
In summary, the best way to protect yourself from attempts to "fish" your personal information is not to enter suspicious websites, click on links or provide data to unknown contacts.
Furthermore, it is essential to be suspicious of messages that are sensational or that