Phishing or no phishing?
A phishing kit comprises of the tools that an attacker would need to set up a ghost server. Typically, a phishing kit is a clone of a legitimate website that an attacker can redirect its victim to. Phishing: How it affects you?
Ideally, an attacker would set up a ghost server cloning any legitimate website (a spoofed website) to lure you. If you happen to be a victim, you would end up clicking on the hyperlink sent through a phishing email. The ghost server will then run a backend script to store your personal or financial data provided you enter such details.
The domain name of the spoofed website is of concern. There’s a chance that the spoofed URL might appear genuine but would consist of Cyrillic or other non-Latin characters. Xudong Zheng wrote an excellent description of domain spoofing. Google Chrome has already implemented the fix but Mozilla Firefox wants us to deal with it.
Following three categories exist:
Targets specific individuals only. These individuals are typically well-researched by the attackers. This type of email attack is intended to carry out more targeted attack later.
Intends to target someone more important. For example, senior executives in an organization could be targeted based on the time profiling.
Deals with the spoofed website but in this case either the user’s system is infected or website’s DNS server. A victim would type the correct URL but would still be trapped to the spoofed website.
Targets individual through deceptive emails. It is the most common form of phishing. A victim would end up providing their personal or financial data.
- Ensure that you use the correct URLs.
- Check if you are not redirected to a similar looking website for entering sensitive data.
- Ensure that the email source is legitimate.
- Don’t post or make your personal data public on any social media website.