Infographic: Anatomy of a Phishing Attack
Phishing attacks can cause data breaches, exposing e-mail addresses, which get used in new phishing attacks. Do your part to end this cycle; don't be fooled by phishers.
With the flood of e-mail addresses exposed by the recent , a surge in phishing attacks is almost inevitable. We've explained how to . But exactly what is a phishing attack, and what do the bad guys get out of it? Randy Abrams, Director of Technical Education for North America, offers a blog post with a clear explanation.
Abrams points out that phishing attacks come in two forms. One involves an e-mail message that asks for your password and personal information, usually with the excuse that it's needed to solve a security problem. The message could conceivably be legitimate (though it probably isn't). If you're concerned, log into the site manually and investigate the situation.
The other style of phishing attack revolves around a Web page that mimics a valid secure site and asks you to log in. This is the type of attack used in PCMag's . Abrams strongly advises that users never log in at a page reached by clicking a link in an e-mail message. I would add, never log in at a page reached by a link from a social networking post, a Twitter comment, or just about anywhere. As Abrams says, "Follow my rules and you will foil the phishers."
ESET kindly offered the informative infographic below. It spells out the cycle of events that helps the phishers keep catching more unsuspecting victims. By understanding this cycle and carefully avoiding risky behavior you can avoid becoming the next victim.
[Source: ESET Threat Blog]