An introduction to phishing
The information in this article applies to:
- GFI MailEssentials for Exchange/SMTP 12
- GFI MailEssentials for Exchange/SMTP 14
Article ID: KBID002585
Query keywords: anti-phishing, identity theft, phishing
What is phishing?
The term phishing was coined by ‘crackers’ to refer to the act of tricking people into revealing sensitive or private information. It relies on the fact that asking a large number of people for this information will always fool at least a small number of them. In a phishing attempt, the attacker typically creates a situation in which people believe that they are dealing with an authorized party, such as their bank. The attacker then asks the victim for sensitive information such as credit card information. Much of this activity is automated and the target is typically a large number of Internet users. Phishing is therefore considered an opportunistic attack rather than a targeted one.
What is identity theft?
Identity theft refers to the use of another person’s identity, usually for financial gain or for defamatory purposes. It is a very broad term which covers any use of sensitive or private information belonging to someone else. One example of identity theft is credit card fraud. Phishing is one method used to carry out an identity theft attack.
Why should I protect against phishing?
In an organization, different people hold information that is sensitive or that can be particularly useful to outside parties. A phishing attacker uses non-technical methods, such as social engineering, to obtain that information.
Phishing attacks usually target:
- Bank information – such as VISA and PayPal accounts.
- Username and password information.
- Social Security numbers.
- Mother’s maiden name or other information which can be used to retrieve forgotten or lost credentials.
The above information allows scammers to:
- Make fraudulent charges on your credit or debit card.
- Make use of your credentials on different online services, such as eBay, Amazon and others to commit crime without being caught (making it appear as though you committed the criminal action).
What does a phishing attempt look like?
A good number of phishing attempts use email to reach millions of possible victims. Such emails look very similar to the website of the company that they claim to come from.

To fool end-users, scammers make use of social attacks such as:
- Using logos and other trademark properties.
- Copying the design of the legitimate website so that the fraudulent email looks exactly the same.
- Making the ‘from’ address look as though the email comes from the legitimate company.
- Creating a fake situation which requires user input – such as informing the victim that his/her account was compromised and asking him/her to confirm the account information.
Sometimes attackers also use technical attacks to make their emails look more authentic. One such attack is called URL spoofing: a hyperlink which leads to the attacker’s site is made to appear as if it leads to the correct web site, so the victim believes the information is being sent there.