Phishing had been widely used at least half a decade ago but it still remains as one of the popular method to scam internet users. Just recently, thousands of Tumblr bloggers were affected by a phishing attack which caused their credentials such as username, passwords, and email addresses to be stolen. Many of us might still be wondering why there are so many victims out there even though we had been taught from time to time to stay aware of a phishing scam. There are five reasons here why phishing is still a popular trick and below are the reasons.
#1 – It tricks the victim with fear.
One of the most common method is to trick the victim by sending them an email and tell them that their internet banking account is being compromised and need to click on a link to resolve the issue. Once the user followed the link, the user will be redirected to some forged website that looks similar to the banking website which requires the user to input his/her username and password. Once that form is sent, all the data will be transmitted to the attacker controlled server. Users who have a large amount of cash in their banking account will be scared to see this mail and some of them will follow the mail to avoid their account being compromised.
#2 – It tricks the victim with special interest.
Some scammers use the scenario such as winning lottery or viewing adult material to create a temptation for the victim to click on a link that redirects to the phishing site. Just recently, Tumblr bloggers were asked to re-verify their accounts by entering the username and password in order to continue and view the adult content. At times, it is not always money related issue can relate to phishing scam, but also special interest as mentioned can relate to a phishing scam.
#3 – It is not a rocket science technology.
Phishing attack involves creating a forged website and it might be difficult to certain people. However if it is to compare to hacking a banking server, creating a forged website is not that complicated. Therefore many novice or intermediate scammers will choose to use the phishing method over any other method in their hacking project. In short, phishing is not mainly about technical skills but it is also about how good the hacker in luring his victim into a trap.
#4 – It can be launched via many types of communication channel.
Phishing can happen not only by simply building a forged website and anticipate for the victim to come to you. It can also involve sending emails to the victims to lure them to the forged website. Besides that, a phishing scam uses as well the manipulation of a URL and post it as a comment or forum to trick them to the forged website. Apart from using the computer knowledge to lure the victim, phishing can also be done via phone calls. The conclusion is this type of scam can be done via multiple channels and multiple techniques.
#5 – Compromising one account is not the end.
After stealing one’s credentials is not the end, but it can be the beginning. Why is it so? Internet users nowadays have many online accounts for instance Facebook, Twitter, and LinkedIn. In common, most users will use the same username and password for each of the account so that remembering them is not an issue. Hence this can lead to the users’ credentials that had been stolen can be used as well for other accounts by the scammers.
In conclusion, phishing can be an old technology but it is not an out-dated technology. There are still countless internet users who fell for this old technology. To have a better IT security, we should always stay focus and caution when using the internet and pay extra attention when something unusual occurred.