4. 08 Phishing: types and examples
Phishing is a type of fraud that involves impersonating another person or institution in order to extract data that can then be used for another crime. Most commonly, this involves information that will help gain access to the assets of the person being defrauded. In this lesson you will learn more about the types and examples of phishing attacks.
Content
- What is phishing?
- Examples of types of phishing attacks
- Phishing related to cryptocurrencies
- How to reduce the risk of being scammed?
What is phishing?
Phishing is a type of fraud that involves impersonating another person or institution in order to extort data such as login details, credit card and bank account details or sensitive company information.
The aim of phishing is not to attack devices or software, but rather humans and the information they possess. Human error, not a vulnerability in system security, is usually responsible for the success of such an attack. For this reason, phishing is classified as a social engineering attack involving psychological manipulation.
Examples of types of phishing attacks
Email is the most common form of phishing attack: the attacker sends a user an email containing a link designed to attract interest or cause concern. Hackers try to get the recipient to click on the link and enter sensitive information into the website that it redirects to.
Vishing
This type of attack is carried out via a voice call. The attacker calls the victim's phone and tries to get the victim to hand over information or complete some kind of bank transfer.
Smishing
Smishing is similar to vishing, except that hackers send the user a text message via SMS or a messaging app, asking them to click on a link or call the sender back. A common method is impersonating financial institutions, such as banks or cryptocurrency companies, to gain the user's trust and persuade them to perform the requested action, which could result in the loss of confidential data or fraud.
Spear phishing
Spear phishing targets specific individuals or groups, rather than the general public. Attackers use information they already have about their victims, gained from social media or data leaks. This allows the attacker to create more credible and effective messages that can increase the chances of deceiving the victim and getting the information they need.
Whaling
Similar to spear phishing, whaling targets specific people, but focuses mainly on those in high positions within the company.
Clone phishing
Clone phishing involves copying the content of an original email message and then modifying it by replacing the original link or attachment with a malicious one. The modified message is sent out to users, impersonating a real organization or company.
Search engine phishing
This is a form of attack in which hackers try to get a high position in search engine results. Then, when users click on the displayed link, they are redirected to a website that has been spoofed by criminals. Through this site, hackers may try to phish sensitive information.
Pharming
Considered by some as a type of phishing attack, pharming involves redirecting web traffic from a legitimate website to fake sites controlled by cybercriminals. From these fake sites, hackers can steal sensitive information or try to get users to reveal their credentials or download malware. This is an attack carried out at the DNS level, in which the user is unknowingly redirected to a fake website that looks identical to the original one. Even if the user checks the URL carefully, he won't be able to detect that he is on an unauthorized site, because the URL may be exactly the same as the original one.
Phishing related to cryptocurrencies
Cryptocurrency-related phishing increased by 40% in 2022.
According to a new report from Kaspersky, the financial threat landscape experienced significant changes in 2022. Cybercriminals shifted their attention to new areas, including the cryptocurrency industry. The company recorded more than 5 million phishing attacks within the cryptocurrency industry. In comparison, there were 3.6 million attacks in 2021.
According to the "ENISA Threat Landscape" report from 2022, one of the main cyber threats last year was social engineering, covering a wide range of activities that attempt to exploit human error or human behavior to gain access to information or services. This group of threats mainly involves vectors such as phishing, spear phishing, whaling, smishing or vishing.
The report also noted that phishing is the most common method of gaining initial access to an attacked system with regard to ransomware attacks. Advanced phishing methods and targeted, contextual actions led to this increase.
Industries Most Targeted By Phishing Attacks
Examples of phishing activities using the zondacrypto logo:
1. Here you can see two phishing sites (coinzdtrade.com, zondadeal.com) using zondacrypto's logo, aiming to phish for users' account access details and to attract new users who create an account on the fake site and deposit funds there:
2. Here is an example of a fake Facebook profile announcing a false distribution of airdrop funds. Posts with tags of various Facebook users were published on the profile, prompting them to click on the link to receive the "reward":
When the link was clicked, information about the supposedly received funds appeared, and when the CONTINUE button was clicked, a fake account login panel directed the user to enter a login, password and 2FA code:
3. Here is an example of search engine phishing. Users who wanted to search for our exchange's website via Google ended up with ads positioned at the top of the search results:
By clicking on a link from the ads, the user was redirected to one of the following fake sites:
- zonda-exchange.at
- zondaexchange.at
- zonda-exchange.online
- zonda-exchange.co
- zonda-exchange.com
- zonda-exchange.net
The user was asked to enter a login, password and 2FA when logging in to the phishing site.
While the "waiting to log in" image appeared, the hacker attempted to log in to the authentic exchange website using the credentials he obtained from his victim:
4. Below is another example of search engine phishing. The website is impersonating our website in order to obtain login credentials for the TrustWallet cryptocurrency wallet. The fake addresses looked like the following:
- zondacrypto-wallet.com
- zondacrypto-wallet.ga
This wasn't an attack targeting our users' accounts on zondacrypto, but it attempted to obtain victims' TrustWallet login credentials using our logo to build trust among victims:
Beware Of Fake Sites!
Use Only The Following Domains:
Why Is Phishing A Serious Threat?
The consequences of an attack can be very severe for the victim, especially if a person shares his or her login information for a bank, cryptocurrency exchange, wallet or other online service. If hackers get the victim to log in to a fake site, they can impersonate that person and withdraw their funds. Likewise, if hackers infect a victim's device with malware, they can take control of the victim's computer, blackmail that person and try to extort money. To avoid these dangers, it's important to know how to protect yourself from phishing.
How to Reduce the Risk of Being Scammed
1. Always pay attention to what site you log on to. Remember that fake sites created by scammers can look very similar to authentic ones. Once you log in to a fabricated website, fraudsters can easily capture your data.
In finely crafted phishing attacks, criminals use very similar domains to avoid the risk of victims detecting the scam before entering their login credentials.
Verify that the website address is correct:
- Confirm that it's a valid domain (e.g., zondacrypto.com, not zonda-exchange.com); that there are no typos and modified characters (e.g. "q" instead of "g", "rn" instead of "m"); and there are no "unusual characters" from other alphabets in the site address (e.g. "ķ" instead of "k").
- Before you click anything, take a close look at the email you received. Place your cursor on the source email address or link you are about to click.
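The address checks listed above can be automated. The following Python sketch is an added example, not zondacrypto's own code: it assumes zondacrypto.com is the only official domain and that "zonda" is the brand keyword to watch for, and the digit swaps and sample URLs are constructed for illustration.

```python
import unicodedata
from urllib.parse import urlsplit

OFFICIAL = {"zondacrypto.com"}   # the valid domain named in the text
BRAND = "zonda"                  # assumption: keyword to watch for in other domains
# Character swaps from the text ("q" for "g", "rn" for "m"); the digit swaps are added.
LOOKALIKES = (("rn", "m"), ("q", "g"), ("0", "o"), ("1", "l"))

def skeleton(label):
    """Fold a label for comparison: strip accents, undo lookalike swaps."""
    s = unicodedata.normalize("NFKD", label.lower())
    s = "".join(c for c in s if not unicodedata.combining(c))
    for fake, real in LOOKALIKES:
        s = s.replace(fake, real)
    return s

def is_official(host):
    """True for an official domain or one of its subdomains."""
    return any(host == d or host.endswith("." + d) for d in OFFICIAL)

def check_url(url):
    """Return (verdict, reasons) for the hostname of url."""
    host = (urlsplit(url).hostname or "").rstrip(".")
    try:   # show punycode ("xn--") labels as the characters they encode
        host = host.encode("ascii").decode("idna")
    except UnicodeError:
        pass   # already Unicode, or not valid IDNA: inspect as-is
    if is_official(host):
        return "official", []
    reasons = []
    if not host.isascii():
        reasons.append("non-ASCII characters in hostname")
    folded = ".".join(skeleton(part) for part in host.split("."))
    if is_official(folded):
        reasons.append("lookalike of an official domain")
    elif BRAND in folded:
        reasons.append("brand name in an unofficial domain")
    return ("suspicious" if reasons else "unknown"), reasons

# Constructed sample URLs; zonda-exchange.com is one of the fake sites listed above.
SAMPLES = ["https://zondacrypto.com/login", "https://zonda-exchange.com/",
           "https://zondacrypt0.com/", "https://zondacr\u00fdpto.com/"]

if __name__ == "__main__":
    for u in SAMPLES:
        print(u, check_url(u))
```

A verdict of "unknown" only means none of these heuristics fired; it is not a statement that the site is safe.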
Also keep in mind that even if the sender's email looks credible, it doesn't mean the message came from him. In fact, the "From:" field can be modified quite easily by the author of the message. Anyone can send an email that displays any email address in the sender field.
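Because the "From:" field alone proves nothing, a mail filter or analyst can compare it with headers that are harder to forge. The sketch below is an added example, not part of the original lesson: the message, the addresses and the receiving server name mx.recipient.example are constructed, and it assumes the recipient's own mail server records its SPF/DKIM/DMARC verdict in an Authentication-Results header.

```python
import re
from email import message_from_string
from email.utils import parseaddr

def domain_of(header_value):
    """Lowercased domain of the address in a header value ('' if none)."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def from_header_findings(raw, trusted_server):
    """List reasons to distrust the From: header of a raw message."""
    msg = message_from_string(raw)
    from_dom = domain_of(msg["From"])
    findings = []
    # A different bounce or reply domain is only a hint: mailing services
    # legitimately use their own Return-Path domain.
    for name in ("Return-Path", "Reply-To"):
        dom = domain_of(msg[name])
        if dom and dom != from_dom:
            findings.append(f"{name} domain {dom} differs from From domain {from_dom}")
    # Trust only the verdict written by our own server; the sender can
    # insert Authentication-Results headers carrying any other server name.
    own = [h for h in msg.get_all("Authentication-Results", [])
           if h.split(";")[0].strip().lower() == trusted_server]
    dmarc = re.search(r"\bdmarc=(\w+)", " ".join(own))
    if dmarc is None:
        findings.append("no DMARC result from the trusted server")
    elif dmarc.group(1).lower() != "pass":
        findings.append(f"DMARC result for the From domain: {dmarc.group(1)}")
    return findings

# Constructed message: the From: line shows the real brand's domain, while
# the other headers show the mail did not come from it.
SAMPLE = """\
Return-Path: <bounce@mailer.example>
Authentication-Results: mx.recipient.example; spf=pass smtp.mailfrom=mailer.example;
 dmarc=fail header.from=zondacrypto.com
From: "zondacrypto Support" <support@zondacrypto.com>
Reply-To: help@zonda-exchange.com
Subject: Your account will be blocked

Log in within 24 hours to keep your account.
"""

if __name__ == "__main__":
    for finding in from_header_findings(SAMPLE, "mx.recipient.example"):
        print(finding)
```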
2. For ease of use, you can add the page of a particular exchange or any other service to the bookmark bar and use it to log in to the website.
3. Think twice before clicking any link leading to claiming a "reward" in the form of cryptocurrencies. If something looks too attractive to be real, it most likely is.
4. Be careful with the attachments you receive in emails. It’s worth paying attention to their extensions. The file “invoice.exe” is not a PDF file, even if it has an icon normally associated with such files.
Before taking any action, consider verifying such messages through another communication channel with the sender. Be especially wary of messages that pressure the recipient to act quickly and threaten unpleasant consequences, such as the threat of blocking a bank or investment account.
Remember that phishing is getting more sophisticated and attackers are using more advanced methods, so you need to be extremely careful and watch out for suspicious attempts to phish for sensitive information.
This material does not constitute investment advice, nor is it an offer or solicitation to purchase any cryptocurrency assets.
This material is for general informational and educational purposes only and, to that extent, makes no warranty as to, nor should it be construed as such, regarding the reliability, accuracy, completeness or correctness of the materials or opinions contained herein.
Certain statements in this educational material may relate to future expectations that are based on our current views and assumptions and involve uncertainties that could cause actual results, performance or events to differ from those statements.
BB Trade Estonia OU and its representatives and those working directly or indirectly with BB Trade Estonia OU do not accept any liability arising from this article.
Please note that investing in cryptocurrency assets carries risks in addition to the opportunities described above.