AnubisNetworks

Phishing attacks against companies increased by
350%

WILL I BE NEXT?

To ensure the security of your company, AnubisNetworks has created a tool to assess possible security breaches on your domain.

What is Phishing?

Phishing mobile

Phishing is a type of crime that employs social engineering and internet technologies in order to commit fraud or theft.

Through deceptive and misleading speech, attackers target unsuspecting victims, deceiving them into believing they are dealing with a trusted and legitimate person or entity.

By corrupting technologies, attackers disguise their identity to appear legitimate. For example, using fake email addresses or websites. The execution of the attack can be given by the injection of malware in the victim(s) systems.

A phishing attack is aimed at stealing consumers' personal identity and financial account credentials. Phishing is also an effective technique for corporate espionage or data theft. Some attackers go so far as to create fake profiles on social media and invest time in building a relationship with potential victims and only activate the attack after establishing trust with the victim.

The Parts of a Phishing Attack

  • Phishing by email

    By far the most common method. Emails often contain attachments that contain malware and/or links that lead to malicious websites. Other types of social engineering for phishing can include phone calls, SMS, and social media conversations.

  • Phishing websites

    Phishing sites are fake copies of real known and trusted sites, with the aim of tricking victims into entering their data (e.g., credit card).

  • Malware, Malware websites and Malware links

    The intent of a phishing attack can culminate in getting the victim infected by malware, which is triggered through malicious files, links and websites that automatically install malware.

  • Spoofing

    By accessing compromised accounts (e.g., email or social media), attackers are able to establish trusted communications with victims.

Phishing - As peças para um ataque de phishing

Phishing Types

Phishing - Tipos de phishing
  • Spear phishing

    Spear phishing occurs when phishers customize their attacks to target specific individuals (instead of launching large-scale attacks). Typically using information from social networks, attackers customize their attacks. If these attacks target very important people (for example, a company’s chief financial officer), you can use the designation of Whaling.

  • Business Email Compromise (BEC)

    Also known as CEO Fraud, attackers pretend to be the CEO of a company or another executive in order to get other employees to facilitate access to information, or to make fraudulent payments.

  • Pharming, Link Manipulation, and Cross-Site Scripting

    Technological tricks are used that totally or partially replace the need for social engineering. For example, DNS cache poisoning is a pharming technique that automatically redirects users from a legitimate website to the attacker's spoofed version.

Some statistics

Estatísticas e referencias