Phishing - CompTIA Security+ SY0-701 - 2.2
Summary
TL;DR: The video covers phishing, a form of social engineering that tricks people into revealing sensitive information through seemingly legitimate emails, text messages, or other communication channels. It walks through common tactics such as typosquatting and pretexting and explains the consequences of falling for them, including account takeover and malware infection. The speaker recommends scrutinizing the sender address and link destinations and advises against clicking links in email at all. Recognizing and avoiding phishing attempts is presented as the main defense for personal and financial information.
Takeaways
- 🔒 Phishing is a form of social engineering that tricks people into thinking a communication is genuine to obtain private information.
- 📧 Phishing attacks are commonly delivered through emails, text messages, and other communication methods.
- 🔎 It's important to verify the links in messages to check if they lead to a well-known and trusted site.
- ⚠️ Phishing messages often contain errors, such as incorrect spacing and fonts, which can be a red flag.
- 📬 Be cautious of emails with deadlines and prompts to click on links, as they may be phishing attempts.
- 🤔 Always check the sender's email address for authenticity and consistency with the company they claim to represent.
- 🚫 Avoid clicking links within emails as a best practice to prevent falling for phishing scams.
- 🕵️ If an email looks suspicious, conduct further research before interacting with any links or providing personal information.
- 📲 Smishing is phishing via text messages, such as SMS, and should be treated with the same caution as email phishing.
- 📞 Vishing, or voice phishing, involves scammers pretending to be from a trusted organization over the phone to extract sensitive information.
- 💡 Awareness of various phishing techniques and scams can help protect you and others from falling victim to these fraudulent practices.
Q & A
What is phishing?
-Phishing is a form of social engineering that uses various communication methods to deceive recipients into believing that a fraudulent communication is legitimate, with the goal of obtaining sensitive information such as usernames, passwords, and personal details.
How is phishing typically delivered?
-Phishing is commonly delivered through emails, text messages, or other communication channels, often appearing to come from a trusted source to trick recipients into revealing private information.
How can one verify the authenticity of links in suspicious messages?
-One can check the destination of the links to see if they point to well-known and trusted sites. If the link leads to an unexpected or suspicious location, it may be part of a phishing attempt.
What are some visual cues that might indicate a phishing attempt in an email?
-Visual cues can include unusual spacing, incorrect fonts, and poor design quality that may suggest the email is not from the purported legitimate source.
What is an example of a phishing email mentioned in the script?
-An example given is an email pretending to be from Rackspace, with issues like incorrect spacing and fonts, and directing users to a login page that looks similar but has subtle differences from the actual Rackspace login page.
Why might an attacker use an email address associated with a different service in a phishing attempt?
-Using an email address from a different service can create confusion and make the phishing attempt seem more legitimate, as recipients may not immediately notice the inconsistency.
What is the purpose of the 'Confirm Email Now' link in a phishing email?
-The 'Confirm Email Now' link is a tactic used to create a sense of urgency and prompt the recipient to click on it, potentially leading them to a fraudulent site designed to steal their login credentials.
What is typosquatting and how is it related to phishing?
-Typosquatting is the practice of registering domain names that are similar to well-known ones but contain minor misspellings or variations. Attackers use this to trick users into visiting fake websites, which can be part of a phishing scam.
What is pretexting and how does it relate to phishing?
-Pretexting is a form of deception where attackers create a false narrative or scenario to manipulate recipients into taking an action, such as clicking a link or providing personal information, which is a common tactic used in phishing.
What is smishing and how does it differ from traditional phishing?
-Smishing is a type of phishing attack that is delivered via SMS text messages rather than emails. It uses the same principles of deception to trick recipients into revealing sensitive information or clicking on malicious links.
Why is it important to be aware of different phishing techniques and scams?
-Being aware of phishing techniques and scams is crucial for personal security and to help protect others from falling victim to these fraudulent practices. Knowledge enables individuals to recognize and avoid potential threats.
Outlines
🎯 Phishing and Social Engineering Techniques
This paragraph discusses phishing, a form of social engineering that tricks individuals into revealing sensitive information through deceptive communication methods like emails or text messages. The paragraph highlights how attackers use fake emails, often with subtle signs like incorrect spacing or fonts, to lead victims to counterfeit websites that mimic legitimate ones, like a Rackspace login page. It also touches on the importance of scrutinizing the sender's email address and being cautious of deadlines and prompts to click links within emails. The speaker demonstrates the dangers by clicking on a suspicious link, which leads to a fake login page designed to steal usernames and passwords. The paragraph concludes with a warning about the broader implications of falling for phishing scams, such as malware infections and unauthorized access to personal accounts.
📞 Vishing, Smishing, and the Dangers of Phishing Scams
The second paragraph delves into different types of phishing attacks, including vishing, where attackers spoof caller IDs to impersonate bank representatives or other trusted entities, and smishing, which involves sending phishing text messages, like fake notifications from USPS about a package delivery issue. The paragraph underscores the importance of being aware of various scams and phishing techniques to protect oneself and potentially help others avoid falling victim to such schemes. It also mentions other common scams, such as fake check scams and phone verification code scams, emphasizing the need for vigilance and education to counteract these fraudulent practices.
Keywords
💡Phishing
💡Social Engineering
💡Communication Methods
💡Private Information
💡Links
💡Typosquatting
💡Pretexting
💡Vishing
💡Smishing
💡Scams
Highlights
Phishing is a form of social engineering that tricks people into revealing private information.
Phishing attacks are often delivered through email, text messages, or other communication channels.
Victims are persuaded to give up sensitive information like usernames, passwords, or personal details.
Phishing messages can be identified by checking links against well-known and trusted sites.
Phishing emails may have inconsistencies like incorrect spacing and fonts, as seen in the Rackspace example.
The sender's email address can be a clue; it may not match the company's domain, as in the icloud.com vs. Rackspace example.
It's best practice never to click links within emails, to avoid potential phishing scams.
Phishing pages often mimic legitimate sites but have subtle differences, like the Rackspace login page example.
People tend to trust the sources of their email, so they readily click links inside messages, which is what makes phishing effective.
Email addresses in phishing attempts may be spoofed or closely resemble the company's actual email.
Attackers can gain access to your email, potentially sending emails from your account or accessing sensitive information.
An attacker who controls your mailbox can use a site's password-reset feature to take over other accounts, as in the PayPal example, because the reset link is delivered to that mailbox.
Clicking on phishing links can lead to websites that download malware and infect your system.
Typosquatting is a phishing technique where attackers use domain names similar to legitimate ones to deceive users.
Pretexting involves attackers making up stories to trick users into clicking links or revealing information.
Vishing, or voice phishing, is when attackers spoof caller IDs to impersonate bank officials or service providers.
Smishing is phishing via text messages, such as the USPS package delivery scam example.
There are numerous other scams like the fake check scam and phone verification code scam.
Becoming familiar with phishing techniques can help protect you and others from falling victim to scams.
Transcripts
Phishing is a term we use to describe social engineering
that uses a number of different communications methods to make
you think that something is real, when in fact,
it really isn't.
This is usually delivered by mail, text message,
or some other communication method
in order to have you give up information
that normally would be private.
This might be a username and password
you use to log into a service or it
may be some private information about yourself.
We can usually check the links in these messages
to see if they're pointing towards a well-known and
well-trusted site, but if it's a phishing message,
it probably is going to a different location
than what you would normally expect.
And very often there's something not quite right
with the information that's being provided.
For example, this is the web mail login to Rackspace,
or at least it's pretending to be that.
You can see that it tends to have a problem with the spacing
and some of the fonts inside of this message, which
might lead us to believe that this is not really
the Rackspace login page.
I got to that page by following this email that
was inside my spam folder.
And it says, "dear user, we notice
your email has not been confirmed for the new upgraded
service."
Well, I certainly want the upgraded service.
It says, "I will be blocked from sending and receiving
emails if not confirmed."
So now they're giving us a deadline
on when we need to click this link,
and we can simply click the Confirm Email Now.
If you look closely at the sender of this message,
it's associated with an icloud.com address,
which is an Apple service.
This is obviously a message for someone
who has email on a Rackspace service.
This means the information contained in this message
doesn't quite ring true and we might
want to do a little bit of extra research
before clicking any of these links.
As a good best practice, in fact, you
would never click a link that's inside of your email,
but for the purposes of showing you what can really happen,
I went ahead and clicked the link
that said Confirm Email Now.
It brought me then to a Rackspace login page,
and it almost looks like a real Rackspace page.
There are a few things that are a little bit different.
If we put these side by side, you
can see that the phishing email took me to the image
that you see on the top, but the actual Rackspace login page
is the one on the bottom.
It's interesting that they added the same suspicious email image
to try to make you think that you really
were logging in to a legitimate Rackspace page.
In that previous example, the attacker
was trying to get us to give up our username and password
into that email service.
And that's what these email messages are trying to do
is convince you that they are someone else
and convince you to give up some of your information.
We tend to trust email sources, and because of that,
we tend to click on links that are inside of the email.
But obviously, this can run into some significant security
problems.
As we noticed with the message that was in my Spam folder,
the email addresses that were used as the sender were
not quite what we expected.
In some cases, they might spoof an actual email address
from that company or they'll use an address
that's very close to the email of that company.
For example, if you receive an email that says it's from
[email protected] you might say that looks like
the same domain name, but in reality,
my last name is spelled M-E-S-S-E-R.com.
And that's how you would know that this particular address
probably wasn't sent by Professor Messer.
Someone gaining access to my email
could certainly allow them to send other emails
from my account or they could look through the emails that
are already in my account to see if there's
some financial information or logins that they could use.
For instance, they could go to PayPal.
They could use the reset password feature.
It's sent back to my email, which
now the attacker has access to.
Or they may just be trying to have you click that link,
and if you click that link, it takes you to a website
that downloads malware and infects your system.
The attackers use a number of different ways
to trick and misdirect you into clicking the links
or believing that what you've received
is from a legitimate source.
This might be something like typosquatting.
If you look at the destination for the link they've provided,
you might see that the destination is
professormessor.com, and we've already
seen that is not a legitimate, fully qualified domain
name, which normally would be professormesser.com.
We refer to this type of misdirection or hijacking
as typosquatting.
But what the attackers are really good at
is outright lying.
We refer to this as pretexting.
They're going to make up a story and drag you
into this particular drama in the hopes
that you'll click a link or login to a site
and they can gain access to your username and password.
Or maybe they call you on the phone and say, "hi,
we're from Visa, and this is about an automated payment
to your electrical services.
It didn't go through.
So you'll need to give me those details over the phone."
In reality, of course, they're not from Visa,
there's not any problem with your automated payments,
but they're trying to gain access to your credit card
information.
We even categorize that type of over-the-phone communication
as vishing, or voice phishing, where
someone will spoof a caller ID, say
that they're from your bank, and then
get you to give up information about your account
details, your login, and other private information.
If you have a mobile phone, you've
probably seen this type of phishing
delivered as a text message.
We refer to this type of phishing as smishing, which
is a reference to SMS, or the Short Message
Service, which is the formal name for this text messaging.
I get text messages like this one all the time.
This one says it's from USPS, and it
says that I have a package that needs to be delivered,
but it's been suspended due to an incorrect delivery address.
And they're hoping that you click that link
to be able to log into your account, and at that point,
they have your username and password.
And of course, there are many, many, many, many other scams
that they can go through.
There's the fake check scam, the phone verification code scam,
and many others.
I would highly recommend you become
familiar with these types of scams and phishing techniques.
You may be the person that's able to stop your friends
or family from falling victim to one of these scams.