Phishing is a data collection technique, which can be considered a computer crime since it seeks to deceive people into consciously or unconsciously sharing confidential information from a platform or entity such as passwords, usernames, emails or even credit card numbers.
Phishing is a pun that seeks to allude to another word “Fishing” . There are various ways and techniques to capture a prey, this set of techniques is known as social engineering, and thanks to this concept countless ways have been created to collect information illegally or unethically.
In the phishing process there are various ways or methods to obtain information, and one of the most common is when victims receive an email or text message that seeks to imitate a message from some platform, entity such as a bank or even a trusted person such as a family member, friend or co-worker. The tricky thing about this deception system is that when the procedure is well designed, when you open the email or text message, you are going to find a message almost identical to an official message, and usually the narrative of the message seeks to create in the user a distrust about their security, since sometimes they mention that “X platform data has been compromised” what “Someone tried to enter X platform” In this way, they ask you to confirm your data through links that redirect to an exact copy of the platform in question in order for you to “log in” and thus leave your access data.
Once the user falls into the trap of the fake mail or message, he is asked to log into his account with his username and password credentials so that he can check if everything is in order. Once this is done, the attacker will already have in his possession all the necessary information to be able to do multiple things.
As we mentioned before, phishing can have different ways of acting, we will mention some of the most common types of phishing below:
Email Phishing: It is perhaps the most common way of carrying out phishing, since many platforms currently use email communication to alert or leave a message to their users about their services. In general, phishing emails seek to invite the user to click on a link that redirects to a clone of the original page.
Malicious software phishing:This type of phishing seeks to sneak a self-executing file either from downloads or as attachments within emails. What these software seek is to extract sensitive information that the user can provide through monitoring.
Defined target phishing: Perhaps it is one of the most dangerous phishing techniques of all since while the other techniques have a broader scope and play with the randomness of the users that may fall, however when it is done to a fixed target, the level of The study of said person or company is very deep, reaching the point of taking advantage of such personal resources to make the user fall into the phishing trap.
Senior phishing: This is a variant of phishing with a defined target, however in this process they focus on the collection of data from very large targets, be it a high-level businessman, a representative of a government or a world-renowned artist, and the same that in the phishing of a fixed target, social engineering processes and exhaustive investigation of the target are used.
Phishing by SMS (smishing): This phishing method is similar to the method through email, but in this case, text messages are used that some companies usually send as advertising, and just like the procedure in emails, SMS methods are used use of links that redirect to clone websites in order for the user to leave their data.
Phishing by voice (vishing): it is a method that has gained popularity in recent years where clandestine call centers are used, the procedure of this type of phishing is very direct since the attacker contacts the user directly and identifies himself as an operator or worker of some entity, either from a bank or from a company, giving very personal information that they had acquired through illegal means through the purchase of data. In most cases, the excuse of some vulnerability in some resource is used, be it a credit card and they need to verify that they are talking to the owner of said card, in this way they begin to ask questions to obtain the information they require.
In summary we can say that phishing are tactics used to collect user information in order to steal important data or even real money, we must also take into account that not all phishing procedures are the same and that we must have Keep in mind that not all emails are legitimate since it is the most used means to practice this type of crime. At MegaAcademy we seek that our users are aware of these practices so that they know how to avoid them and that we must always be vigilant or verify if the website where we are going to enter is official, so we do not give our access data to malicious agents.
Only in Ccoins, Buy and Sell your Cryptocurrencies at the best price through hundreds of offers in our P2P market or convert them to any of our 30 available cryptocurrencies.
Ccoins is the fastest and safest platform to trade crypto assets
Of course, even today it is more likely that you can lose your access credentials to a cryptocurrency platform due to phishing than due to hacks to the platform itself, which is why many of these websites tend to use security tools such as 2FA.
The first step to avoid falling into phishing techniques is knowing what phishing is and identifying each type of technique or methodology of this data theft system, which is why at MegaAcademy we encourage our users to take our course and learn more about it. this.
Yes, currently there are various tools and systems that can help a user identify if some malicious agent is trying to break into your account or has already broken into, one of the most useful tools is the second factor of authentication or 2FA, which is a code that is usually generated on an external device and you must deliver to be able to enter your account, if you do not have access to this device it does not matter if you know the access credentials such as the username or password.
Download the app for your mobile device here:
Register your email and get early access and benefits.