What is a Phishing attack? And how to detect and avoid a Phishing attack?

Phishing attackers lure web (here, email) users into logging in to fake websites that resemble the original website, so that account credentials such as the username and password are transferred to the attacker. If users try to log in to one of these fake websites, their credentials go straight to the scammers. In most cases the attackers send fake emails asking users to log in to a site to reset their password. They copy content from websites like PayPal, Hotmail or Citibank and ask users to log in to change their account password or other important information. Once the user clicks the link given in the email, a fake website resembling the original site opens, and the user enters his actual information (username and password) there. This information is sent to the spammer/attacker, who in most cases uses it to hijack the account or to transfer money from the victim's bank account.

Techniques used in Phishing Attack

Below are the common techniques used by attackers/spammers –

Link Manipulation

In this technique attackers use a domain name that resembles or looks like the original one. They use some form of technical deception designed to make a link in an email appear to belong to a trusted organization. Misspelled URLs or the use of subdomains are common tricks used by attackers/phishers, as in these example URLs:

www.micosoft.com
www.mircosoft.com
www.verify-microsoft.com
instead of http://www.microsoft.com/

They also include original logos and other identifying information taken directly from legitimate Web sites. To make these phishing e-mail messages look even more legitimate, the scam artists may place a link in them that appears to go to the legitimate Web site (1) but actually takes you to a phishing site (2), or possibly to a pop-up window that looks exactly like the official site.

These copycat sites are also called “spoofed” Web sites. Once you’re at one of these spoofed sites, you may send personal information to the hackers.

Filter Evasion

Phishers use images instead of text to make it harder for anti-phishing filters/applications to detect the text commonly used in phishing emails. This is one reason Gmail or Yahoo disable images by default in incoming mail.

Generic Text in email

Attackers send these emails to a large number of victims (people like you and me), so they use common or generic terms and sentences. For example:

  • They never refer to you by your name in the email.
  • The subjects of the emails are also generic and provocative, like –
    • Verify your account
    • Update your information
    • If you don't respond within 48 hours, your account will be closed
  • The email text is also generic, like
    • Dear Valued Customer
    • Click the link below to gain access to your account.

How to avoid Phishing Attack?

The most common, easy and powerful weapon is common sense. Just think before clicking any link in an email.

Other rules that every user should follow are –

  • Most web browsers (like Firefox, IE) these days come with anti-phishing protection enabled.
  • Several email applications, like Mozilla Thunderbird and Outlook, and also online email services, like Gmail or Yahoo Mail, make use of phishing protection as well.
  • Never assume that an email is valid based on the sender's email address; it is trivially forged. Check the language, images and links in the email.
  • You can check a link by moving the mouse pointer over it: the status bar or the tooltip reveals the real Web address, which may differ from the text shown.
  • A trusted organization such as PayPal or a bank will never ask you for your full name and password in an email.
  • An email from a trusted organization will never contain attachments or software.
  • Clicking on a link in an email is the most insecure way to get to your account.
  • If you receive an email from a company and you are not a customer of that site, delete the email and don't click on the link or reply.
  • If you are a customer and you are not sure whether the email is legit, do one of the following:
    • Contact the institution by phone or through the official website (do not use the link in the email, of course) and ask if the mail is official.
    • Instead of using the link provided, open the website by typing the official address yourself. Most of the time the site will have news about the email on its start page. If not, use the first option above (phone or official website) to verify the email.
  • Always type the URL by hand in the address bar of the browser.
  • Always check the URL in the address bar. Is it pointing to the right website? Look closely for characters that look similar, e.g. o and 0, or dashes in the name.
  • Is it an https website? Is the SSL certificate valid?
  • Does the website look different? If you arrived via an external link, open another browser tab and enter the URL manually, just to be on the safe side.
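As an added example (not part of the original post), the following Python script automates two of the checks described above: it classifies a link's real host as trusted, look-alike (misspelled domain, confusable characters such as 0 for o, or the brand name buried in an unrelated domain like verify-microsoft.com or microsoft.com.evil.net) or unknown, and it flags links whose displayed text names a trusted site while the real target goes elsewhere. The trusted-domain list, the confusable map, the 0.85 similarity threshold and the sample email are all constructed assumptions for this illustration.

```python
import re
from difflib import SequenceMatcher
from urllib.parse import urlparse

# Constructed for this example: sites the reader actually holds accounts with.
TRUSTED_DOMAINS = {"microsoft.com", "paypal.com"}
# Digits phishers substitute for look-alike letters (0/o, 1/l, 3/e, 5/s); not exhaustive.
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})

def registered_domain(host):
    """'login.paypal.com' -> 'paypal.com' (simplified: ignores two-part TLDs such as .co.uk)."""
    return ".".join(host.lower().strip(".").split(".")[-2:])

def classify_host(host, trusted=TRUSTED_DOMAINS):
    """Return 'trusted', 'lookalike' (typo, confusable or brand-as-subdomain) or 'unknown'."""
    host = host.lower()
    reg = registered_domain(host)
    if reg in trusted:
        return "trusted"
    for t in trusted:
        brand = t.split(".")[0]
        # brand name inside an unrelated domain: verify-microsoft.com, microsoft.com.evil.net
        if brand in host:
            return "lookalike"
        # normalise confusables, then measure closeness: micr0soft.com, micosoft.com, mircosoft.com
        normalised = reg.translate(CONFUSABLES).replace("rn", "m")
        if SequenceMatcher(None, normalised, t).ratio() >= 0.85:  # 0.85 is an assumed threshold
            return "lookalike"
    return "unknown"

def check_email_links(html):
    """For every <a> in an HTML mail body: (displayed text, real target host, verdict)."""
    findings = []
    for href, text in re.findall(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', html, re.I | re.S):
        text = " ".join(text.split())
        real_host = urlparse(href).hostname or ""
        verdict = classify_host(real_host)
        # displayed text names a trusted site but the href points somewhere else
        shown = re.search(r"(?:https?://)?([\w.-]+\.[a-z]{2,})", text, re.I)
        if shown and registered_domain(shown.group(1)) in TRUSTED_DOMAINS and verdict != "trusted":
            verdict = "mismatch"
        findings.append((text, real_host, verdict))
    return findings

# Constructed sample phishing mail, not a real message.
SAMPLE_EMAIL = """<p>Dear Valued Customer,</p>
<p>Click <a href="http://www.verify-microsoft.com/login">http://www.microsoft.com/</a>
to update your information, or see <a href="https://www.paypal.com/help">PayPal help</a>.</p>"""

if __name__ == "__main__":
    for text, host, verdict in check_email_links(SAMPLE_EMAIL):
        print(f"{verdict:10} {host:30} shown as: {text}")
```

The registered-domain helper deliberately keeps only the last two labels, so on real mail it should be replaced by a public-suffix lookup before trusting its verdicts.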

I hope these measures will help you prevent phishing attacks.
