
Excerpt from book Unmasking the Hacker - phishing



The term phishing originates in 1996 with the AOHell scammers. It is a type of technology-based fraud in which emails are made to appear as if they were sent from legitimate companies or familiar people in order to trick the recipients. There is nothing mystical about why phishing is successful, nor are the perpetrators of this type of cybercrime shadowy figures in hoodies. Phishing emails exploit human psychology, using social engineering techniques to trick the recipient into providing their account credentials or paying spoofed invoices. The common syntax of phishing emails, for example, is designed to make the recipient act fast without thinking their actions through: a call to immediate action, believable spoofed entities and an appeal to people to do the right thing. Phishing emails often convey a sense of urgency, which encourages recipients to make panicked, hurried decisions without taking the time to consider whether the message is legitimate.

Successful phishing emails rely on being believable, playing to emotions and the recipient's false sense of security. Whether they are baiting for credentials, money or intellectual property, these scam emails rely on being believable: they spoof trusted brands or people and relate to everyday topics such as invoices, correcting login issues or post deliveries. Phishing emails play to emotions with subject lines designed to scare the recipient or promote a sense of urgency, or by cajoling or encouraging the recipient to do the right thing and click the link, for example to fix a payment. Phishing emails also succeed because end users may have a false sense of security, believing that spam filters will block all malicious emails.


For more information on this book and where to buy it, please visit this page: Demystify Cyber Book Launch