What is phishing?


Last updated: December 26, 2022

Phishing is a forgery technique used by hackers to steal your identity and collect your sensitive information, such as passwords and credit card numbers.

This technique is very popular with computer hackers because it is easy to carry out and poses little risk to them.
To carry out the attack, all they need is a web page hosted abroad. The payoff is immediate and assured, especially since the techniques have evolved so much that it is sometimes very difficult to tell a legitimate page from a fraudulent one.

According to the Microsoft Computing Safety Index, the annual global impact of phishing is $5 billion.

[Image: Example phishing email]

How does phishing work?

This attack consists of exploiting not a computer flaw, but a human flaw by duping Internet users through a link appearing to come from a trusted company, typically a bank or a business site.

The technique consists of making the victim believe that they are dealing with a trusted third party (administration, bank, social network, etc.) in order to retrieve personal information.

It is a form of computer attack based on social engineering, and it can be carried out by email, through spoofed websites, or over the phone.

The hackers exploit the naivety of users who believe they are receiving a legitimate email from a bank or company.

The email invites them to log in via a link and update information about themselves in a form on a dummy web page, an exact copy of the original site, under a pretext such as a service update or a refund.
Through this attack, hackers obtain personal information such as bank account numbers, customer numbers, confidential codes and social media passwords.

[Image: How does phishing work?]

After retrieving this information, hackers carry out fraudulent financial transactions and sometimes resell the stolen data on the darknet.
In the following, I will show you how hackers carry out their attacks. I'm going to use a Python tool designed to create a clone of a site. This is a demonstration; I strongly advise you not to use it to trap third parties.

How to protect yourself from phishing?

Check the URL before accessing the website

The first thing to do is check the web address in the browser's address bar whenever you are asked to click a link to a website.

  • A simple attack: it consists of using a misspelled domain, such as http://www.faceboook.com/ instead of http://facebook.com/. Of course, the attacker will have previously purchased the misspelled domain name.
  • A more elaborate attack: it uses a web address containing the “@” symbol. Everything before the “@” is treated by the browser as a username, not as the site to visit.
    For example, the web address http://www.paypal.com:refID12344234324@www.funinformatique.com/ leads to https://www.funinformatique.com and not to http://www.paypal.com. A variation on the “@” trick is to use a subdomain, for example http://www.paypal.com.example.com, where the real site is example.com.
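As an added example (not code from the article), the small Python checker below shows which host a browser would actually contact for each URL shape described above, using the same parsing rule browsers apply (text before the last “@” is user info) and a simple edit distance to spot misspelled look-alikes. The watched brand list and the "last two labels" rule for the registered domain are simplifying assumptions.

```python
from urllib.parse import urlsplit

# Brands this checker watches for; a constructed list for the example.
WATCHED_BRANDS = ("paypal.com", "facebook.com")


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to spot misspelled look-alike domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def registered_domain(host: str) -> str:
    """Last two labels of the host (assumption: no public-suffix list)."""
    return ".".join(host.split(".")[-2:])


def inspect_url(url: str) -> dict:
    """Return the host a browser would really contact plus any suspicious findings."""
    parts = urlsplit(url)
    # Like a browser, urlsplit treats everything before the last '@' as
    # user info, so the real host is whatever follows it.
    host = (parts.hostname or "").lower()
    domain = registered_domain(host)
    findings = []
    if parts.username is not None:
        findings.append(f"text before '@' ({parts.username}) is user info, not the host")
    for brand in WATCHED_BRANDS:
        if domain == brand:
            continue  # genuinely the brand's own domain
        if brand in host:
            findings.append(f"{brand} appears as a subdomain of {domain}")
        elif edit_distance(domain, brand) <= 2:
            findings.append(f"{domain} is a look-alike of {brand}")
    return {"host": host, "domain": domain, "findings": findings}


if __name__ == "__main__":
    # Constructed sample URLs mirroring the tricks described in the article.
    for u in ("http://www.faceboook.com/",
              "http://www.paypal.com:refID12344234324@www.funinformatique.com/",
              "http://www.paypal.com.example.com/",
              "https://www.paypal.com/"):
        print(u, "->", inspect_url(u))
```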

So, to avoid falling into the trap, you should always check the address of the website you are being asked to visit.

Although it is sometimes very difficult to tell the difference between a legitimate page and its fraudulent copy, we must not be naive. When in doubt, reach the site by the normal route (typing its address or using a bookmark) rather than by clicking the link.

There are many extensions for the Firefox and Chrome browsers that help you verify a web address before accessing it. Among these extensions are WOT, Netcraft and Password Alert.

Check the spelling of the website and the email received

The presence of spelling errors can be a sign of a phishing attempt. Unfortunately, spelling errors have become rarer in fraudulent emails and websites (most are now written in impeccable French, without spelling mistakes…).

What to do when you are a victim of phishing?

When you are the victim of a phishing scam, you should react as follows:

  • First, obviously, don't panic, don't reply to the message, don't pay any ransom, and don't open any attachments;
  • Quickly change your passwords on services affected by these attacks;
  • Notify your bank of the attack of which you have been a victim;
  • Then, as the CNIL advises on its page, take screenshots of the message in question, and report the scam on internet-signalement.gouv.fr.