Phishing/spoofing are two terms that are slightly similar to one another, where the former means – a technique of trying to seize information, such as passwords/usernames, personal account information, credit card details, and so on. Raj B Lonsane states that the people/person behind it can actually pose as a legitimate website, thus bringing in the public that has no clue of this scamming feature. The latter term spoofing means pretty much the same but on a more program based concept. It also means masking one’s false identity while posing as a trusted interface amongst the public online.

According to Raj b Lonsane, phishing and spoofing are two extremely dangerous and damaging attacks that professionals online enact in order to get personal information or cause harm to the organization that runs the original interface. If one were to truly understand how this feature works, they would probably never log on to the Internet, but there are ways now of stopping them once the real company is aware of such a practice. There have been many cases where phishing has been a cause of concern with major organizations like AOL, RapidShare, and MySpace. The scary truth is that sometimes these acts aren’t even traceable and can go unnoticed if the team isn’t twice as smart as the perpetrator says Raj B Lonsane.

Raj B Lonsane adds that email spoofing is a common act done, where most of these filtered into what they called as either ‘junk mail’, or ‘spam’. You’ll notice how these emails look and sound fishy. They can be claims of winning the lottery which hundreds of people fall for, donating to a sick/injured individual, charity funds, misleading friend requests, and so on. The shocking part is that the people/person behind it, uses a known organization’s name to back their claim claims Raj B Lonsane. A lot of lottery emails come from companies Mircrosoft and Cola, where people are naturally misled into believing that the actual people have gotten in touch. One needs to understand how these random emails have no access to their information to even know who they are, to even put them up for a lottery worth millions.

Types of Phishing

There are different kinds of phishing techniques that online attackers have tried out over the past couple of decades; these are.

·          Clone Phishing: This is where the attacker uses a legit and previously sent email that has a link/attachment that contains content of the recipient’s address/es, and made into a cloned/similar email. It is then replaced with a duplicate version, so as to mask itself as the original sender when in fact, it is not. You’ll find this in the case of emails sent from someone you know, who has no clue about what you’re asking him/her as they deny the action. This is a common case of duplicating an original email by attackers online.

·          Electronic Phishing: This is where the attacker uses a deceitful way of grasping information linked to one’s personal details like passwords, credit card details, bank account information and so on. The attacker can then use this information by posing as either the original person to seize funds, or to manipulate the information in their favor in defaming the victim.

·          Whaling:  Any attack that is linked to high profile persons or those of a senior nature is termed as whaling. These are graver than other kinds of phishing, where the person in question is able to penetrate restricted frameworks.

·          Evil Twin: This type of phishing is done when the attacker uses a real public network within a public area, to quickly acquire information of those who log-on to it. These can be in wireless Internet areas like coffee shops, malls, or the airport. Any kind of information entered into the login website in order to use the Internet in these places, is immediately stolen.

Raj B Lonsane states that There is anti-phishing software available for those who want to protect valuable data, and delicate information like a system’s main framework. It is important that one know how to approach the situation, like the organization Anti-phishing Working Group who strives at keeping cyber attackers at bay from online portals. States Raj b Lonsane, it can prove to be quite an alarming way of manipulating information, and quite destructive if a person is able to break into the main frame of an organization that has sensitive data. They say that phishing is slowly turning into a thing of the past with techniques like malware and pharming now replacing the age-old ways of phishing. Nonetheless, attempts and successful endeavors have been made to keep such attacks at bay, given the rise of popular websites today that are trusted by the public.