Phishing - CompTIA Security+ SY0-701 - 2.2

Understanding Phishing: Techniques and Risks

What is Phishing?

  • Phishing refers to social engineering tactics that use various communication methods to deceive individuals into believing something is legitimate when it is not. This often involves emails, texts, or other messages aimed at extracting private information.

Identifying Phishing Attempts

  • Common targets for phishing include usernames and passwords. Users can check links in messages to verify if they lead to trusted sites; however, phishing links often redirect to unexpected locations.
  • An example of a phishing email might impersonate a legitimate service (like Rackspace) but contain subtle discrepancies in formatting or sender information that indicate it's fraudulent.

Recognizing Red Flags

  • A typical phishing message may create urgency by claiming an account will be blocked unless action is taken immediately, prompting users to click on malicious links without due diligence.
  • The sender's email address can provide clues about legitimacy; discrepancies between the claimed service and the actual sender's domain should raise suspicion. For instance, an iCloud address claiming to be from Rackspace indicates a potential scam.

Consequences of Falling for Phishing

  • Clicking on phishing links can lead users to fake login pages designed to capture sensitive credentials or even download malware onto their systems. Attackers employ various strategies like typosquatting and pretexting to mislead victims into providing personal information willingly.

Types of Phishing Attacks

Email Spoofing

  • Attackers may spoof email addresses that closely resemble legitimate ones (e.g., Professor@professormessor.com vs. professormesser.com), which can trick users into thinking they are communicating with a trusted source.
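
The sender checks described under "Recognizing Red Flags" and "Email Spoofing" can be automated. The following is an added example, not material from the video: it flags a From header whose display name claims a brand the sending domain does not belong to, and a sending domain that is a near miss of a trusted one. The `TRUSTED` allow-list, the function names and the three sample messages are assumptions constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumed allow-list: brand name -> domains that brand really sends from.
TRUSTED = {
    "rackspace": {"rackspace.com"},
    "professor messer": {"professormesser.com"},
}

# Constructed sample messages (not real mail).
SAMPLE_BRAND_MISMATCH = "From: Rackspace Support <notice@icloud.com>\nSubject: Account will be blocked\n\nbody"
SAMPLE_LOOKALIKE = "From: Professor <Professor@professormessor.com>\nSubject: Hello\n\nbody"
SAMPLE_OK = "From: Rackspace Support <support@rackspace.com>\nSubject: Invoice\n\nbody"

def edit_distance(a, b):
    """Levenshtein distance between two strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def check_sender(raw_message):
    """Return a list of red flags found in the message's From header."""
    msg = message_from_string(raw_message)
    display, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    flags = []
    all_trusted = set().union(*TRUSTED.values())
    # Flag 1: the display name claims a brand, but the domain is not that brand's.
    for brand, domains in TRUSTED.items():
        if brand in display.lower() and domain not in domains:
            flags.append(f"display name claims '{brand}' but sender domain is {domain}")
    # Flag 2: the domain is within two edits of a trusted domain (typosquat-style lookalike).
    if domain not in all_trusted:
        for good in all_trusted:
            if 0 < edit_distance(domain, good) <= 2:
                flags.append(f"{domain} is a near match for {good}")
    return flags

if __name__ == "__main__":
    for sample in (SAMPLE_BRAND_MISMATCH, SAMPLE_LOOKALIKE, SAMPLE_OK):
        print(check_sender(sample))
```

This inspects only the visible From header; it does not evaluate SPF, DKIM or DMARC results, so a clean result here is not proof that a message is genuine.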

Vishing

  • Voice phishing (vishing) involves attackers calling victims while pretending to represent banks or services, attempting to extract sensitive financial details over the phone under false pretenses.

Smishing

Video description

Security+ Training Course Index: https://professormesser.link/701videos
Professor Messer’s Course Notes: https://professormesser.link/701notes

Phishing continues to be a popular method of network infiltration. In this video, you'll learn about different phishing techniques, and I'll demonstrate a real-world example from my email inbox.