How Phishing Campaigns Have Added A Few More Tools To Their Arsenal

Going on the internet can be hazardous. Not to your health but sometimes to your finances, your identity, and even your state of the mind. The internet is just like a microcosm of life. For the most part everything is safe and you do not have to be paranoid. But every now and then there is a hidden threat around the corner that you really should be worried about. And if you are not then it really might come back to bite you. This is why you get so many warnings of what to do when you are online. The threat is not everywhere online but the threats are real and they are something that you should always be concerned about.


One of the threats that was new at one point but now is becoming aged is the Phishing threat. For the people who do not know what phishing is, or have just forgotten what it is, we can give you a quick refresher to the term. The term phishing means that there are black hat hackers out there who are trying to get your personal information from you. So to get that information they set up websites that pretend to be more famous websites that you would tend to normally trust. There are usually big red flags when it comes to websites such as these. The graphics are usually off by a little bit and the biggest giveaway that it is a fake website is that the domain is not correct. It is usually a couple of letters off. We really should not call them black hat hackers because a crime like this is very low tech and is more in the script kiddies realm of doing things. More professional black hat hackers usually focus on higher level crimes that end up paying a lot more than a low scale phishing attack.

What the people who are creating the attacks usually do is set up a website that you can go to. They will send you an email about the site so that you know it exists. It is usually a website that they already know that you are a member of. When you go to the website you of course fill out your usually information and you try to log in. But in this case you find that you cannot log in because of course you are not on the right website. What you have done instead is give the bad guys the information that they were looking for. Now they will be able to log into your real account and do whatever they want to do.

As we mentioned in the title of this article, while this scam has been around for a while now, it is getting a little more advanced these days. For example, before, the bad guys would try to passively get you to go to the website by sending an email with a link in it. Now that is not the case anymore. Now some of the bad guys out there will try to hit you with a piece of malware that will force you to go the website. Once there, you think that it is the normal website and even though you were forced to the page you have no doubts on whether you should log in or not. The bad guys want you to think that the normal web page sent you there and not them. While it seems like this would not work, it really does. A lot of people are not aware of how links work when it comes to the internet and they think that may have just clicked on one.

There are other, more devious phishing attacks out there as well. This is still a threat that you have to be aware of when you surf the internet.

About Lee Munson

Lee's non-technical background allows him to write about internet security in a clear way that is understandable to both IT professionals and people just like you who need simple answers to your security questions.

Speak Your Mind