The phishing techniques evolved around 1990 with AOL or America Online and over the period there are numerous techniques and methods used by the phishers to gain access to data and information of people. The word phishing has replaced the letter “f” with “ph” which was used as “phreaks” in the initial period of phishing. The phishing incidents in the contemporary cyber security concernsare used with more sophisticated techniques and methodologies to steal the data and information of the victim. The latest and advanced types of phishing techniques used by the attackers are vishing, Smishing, search engine phishing, spear and whaling.
The vishing is usually done through phone calls and because the voice is used over phone to perform the phishing it is called vishing, or the combination of voice and phishing happens to be vishing. There are adequate and enormous information available in the contemporary social media platforms which can be accessed by anybody. The phishers ultimately take this opportunity and confidently call the targeted victim using the name of his or her social media friends or any other relatives or known persons. Once the attackers gain the trust of the victim, they start convincing the target and ask for confidential and sensitive information including financial information of the victim and finally exploit the victim.
The Smishing is performed through SMS and the SMiShing is one of the oldest techniques of the phishers to gain access to the data and information of the victim. The phishers through smishing send false order detail or fake DM to the victim usually with a fake cancellation link. In fact, this link of cancellation is a fake page created by the attackers to gain access to the data and information of the victims.
Similarly, the search engine phishing refers to a fake webpage targeting keywords and when the victim through his or her searches enters into the fake webpage by clicking the link, the victim would never know that he or she is hooked and by the time the victim knows about the phishing, it would be very late.
The spear-phishing is somewhat similar to the traditional phishing, but here the attacker before sending the email to the victim does an extensive study about the victim from the social media. The spear-phishing is very commonly used by the attackers because it is easier to impress and motivate the victims. Finally, the whaling is similar to the spear-phishing, but the whaling is more specific and confined. In whaling, the attackers assume themselves or give an impression of CEO or CFO or any other senior managerial and responsible post of an organization or businessto motivate the victim.