Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
Computer security
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
===Phishing=== [[File:PhishingTrustedBank.png|thumb|An example of a phishing email, disguised as an official [[email]] from a ([[fiction]]al) bank. The [[sender]] is attempting to trick the recipient into revealing [[Confidentiality|confidential]] information by confirming it at the phisher's website. Note the misspelling of the words ''received'' and ''discrepancy'' as {{typo|rec''ie''ved}} and {{typo|discrep''e''ncy}}, respectively. Although the [[URL]] of the bank's [[webpage]] appears to be legitimate, the hyperlink points at the phisher's webpage.|324x324px]] [[Phishing]] is the attempt of acquiring sensitive information such as usernames, passwords, and credit card details directly from users by deceiving the users.<ref>{{cite web |url=https://www.case.edu/its/kba/its-kba-27196-phishing-attempt/ |title=Identifying Phishing Attempts |publisher=Case |archive-url=https://web.archive.org/web/20150913200707/http://www.case.edu/its/kba/its-kba-27196-phishing-attempt/ |archive-date=13 September 2015 |access-date=4 July 2016 }}</ref> Phishing is typically carried out by [[email spoofing]], [[instant messaging]], [[Text messaging|text message]], or on a [[Telephone call|phone]] call. They often direct users to enter details at a fake website whose [[look and feel]] are almost identical to the legitimate one.<ref>{{Cite web |title=Protect yourself from phishing β Microsoft Support |url=https://support.microsoft.com/en-us/windows/protect-yourself-from-phishing-0c7ea947-ba98-3bd9-7184-430e1f860a44 |access-date=2023-12-06 |website=support.microsoft.com}}</ref> The fake website often asks for personal information, such as login details and passwords. This information can then be used to gain access to the individual's real account on the real website. Preying on a victim's trust, phishing can be classified as a form of [[Social engineering (security)|social engineering]]. Attackers can use creative ways to gain access to real accounts. A common scam is for attackers to send fake electronic invoices<ref>{{cite web |last=Lazarus |first=Ari |date=23 February 2018 |title=Phishers send fake invoices |url=https://www.consumer.ftc.gov/blog/2018/02/phishers-send-fake-invoices |access-date=17 February 2020 |website=Consumer Information |language=en}}</ref> to individuals showing that they recently purchased music, apps, or others, and instructing them to click on a link if the purchases were not authorized. A more strategic type of phishing is spear-phishing which leverages personal or organization-specific details to make the attacker appear like a trusted source. Spear-phishing attacks target specific individuals, rather than the broad net cast by phishing attempts.<ref name=":3">{{cite web | website=Trellix | title=Email Security | date=17 May 2022 | url=https://www.trellix.com/en-us/platform/email-security.html | archive-url=https://web.archive.org/web/20220522081555/https://www.trellix.com/en-us/platform/email-security.html | archive-date=22 May 2022 | access-date=24 October 2022 }}</ref>
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)