What is phishing? Type of phishing by Anonymous TIM3

Arman Hossain March 09, 2020



  • So we r going to discuss here phishing method (definition, example, types, sensitivity, safety tips)

  • ЁЯФ┤ЁЯФ┤ЁЯФ┤ЁЯТвЁЯТвPhishingЁЯТвЁЯТвЁЯФ┤ЁЯФ┤ ______


  • Phishing attacks are the practice of sending fraudulent communications that appear to come from a reputable source. It is usually done through email. The goal is to steal sensitive data like credit card and login information or to install malware on the victim’s machine. Phishing is a common type of cyber-attack that everyone should learn about in order to protect themselves. 

  • How does phishing work?


  • Phishing starts with a fraudulent email or other communication that is designed to lure a victim. The message is made to look as though it comes from a trusted sender. If it fools the victim, he or she is coaxed into providing confidential information, often on a scam website. Sometimes malware is also downloaded onto the target’s computer.
  • In phishing, there's a page that looks exactly the same as the original. It can be sent to the victims in different ways like through social media, cellular messages, Emails, etc.

  • What are the dangers of phishing attacks?


  • Sometimes attackers are satisfied with getting a victim’s credit card information or other personal data for financial gain. Other times, phishing emails are sent to obtain employee login information or other details for use in an advanced attack against a specific company. Cybercrime attacks such as advanced persistent threats (APTs) and ransomware often start with phishing.
  • By a phishing attack, a hacker can gain your full personal information. Your login details, admin panel everything ЁЯТв


  • ЁЯФ┤Examples of phishing attacks types of a phishing attack


  • ЁЯФ┤Spear phishing

  • Spear phishing targets specific individuals instead of a wide group of people. Attackers often research their victims on social media and other sites. That way, they can customize their communications and appear more authentic. Spear phishing is often the first step used to penetrate a company’s defenses and carry out a targeted attack. According to the SANS Institute, 95% of all attacks on enterprise networks are the result of successful spear phishing.

  • ЁЯФ┤Whaling

  • When attackers go after a “big fish” like a CEO, it’s called whaling. These attackers often spend considerable time profiling the target to find the opportune moment and means of stealing login credentials. Whaling is of particular concern because high-level executives are able to access a great deal of company information.

  • ЁЯФ┤Pharming

  • Similar to phishing, pharming sends users to a fraudulent website that appears to be legitimate. However, in this case, victims do not even have to click a malicious link to be taken to the bogus site. Attackers can infect either the user’s computer or the website’s DNS server and redirect the user to a fake site even if the correct URL is typed in.

  • ЁЯФ┤Deceptive phishing

  • Deceptive phishing is the most common type of phishing. In this case, an attacker attempts to obtain confidential information from the victims. Attackers use the information to steal money or to launch other attacks. A fake email from a bank asking you to click a link and verify your account details is an example of deceptive phishing.

  • ЁЯФ┤Office 365 phishing

  • The methods used by attackers to gain access to an Office 365 email account are fairly simple and becoming the most common. These phishing campaigns usually take the form of a fake email from Microsoft. The email contains a request to log in, stating the user needs to reset their password, hasn’t logged in recently, or that there’s a problem with the account that needs their attention. A URL is included, enticing the user to click to remedy the issue.

  • Some tips for avoiding phishing

  • ЁЯФ┤Avoid strangers, check name and email address
  • ЁЯФ┤ Don’t rush, be suspicious of emails marked “urgent”

  • ЁЯФ┤Notice mistakes in spelling and grammar

  • ЁЯФ┤Beware of generic greetings, “dear sir/ma’am”

  • ЁЯФ┤ Don’t be lured by incredible “deals”

  • ЁЯФ┤ Hover over the link before you click to ensure it has a secure URL (HTTPS://)

  • ЁЯФ┤Never give out personal or financial information based on an email request

  • ЁЯФ┤Don’t trust links or attachments in unsolicited emails


So guys here are some websites that provide phishing links and servers _
1.z shadow
2.Shadow wave
3 Anomore 

The tools You can use in ur terminal for phishing are-

ЁЯФ┤Shellphish
ЁЯФ┤SocialSploit
ЁЯФ┤Hidden eye
ЁЯФ┤BlackEye
ЁЯФ┤GhostPhisher
ЁЯФ┤ Socialphish
ЁЯФ┤SET

There are many more but these are some examples of phishing tools and websites..
Admin will be not responsible for ur any misuse of these tools...I am providing here for the knowledge and penetration testing only ЁЯСН

If u know any others then comment down below ЁЯСНЁЯСН Don't forget to follow us on social media 
Tags:

Post a Comment

2 Comments