The security of data and information in the contemporary world of growing security is an essential and important aspect especially for the businesses irrespective of their sizes and transactions. In this context, the phishing eventually stands as one of the extremely serious security concerns based on its facts and figures of attacking in numerous security breaches across the world. As per DBIR or data breach investigation report-2018 of Verizon 70% of total breaches done across the nation or associated with the state-affiliated actors incorporated phishing. Similarly, the Symantec internet security threat report-2018 reveals that 71.4% of security breaches were done using spear-phishing emails. The major affected industries by these numerous phishing attacks were public services, financial services, and information services.
The phishing is one of the oldest and fast-evolving technique of hackers in the history of security breaches. The AOL or the America Online phishing which was algorithm-based phishing first started as the origin of phishing in the year 1990. The AOL used an algorithm-generated list of credit card numbers to match the original credit card numbers for the AOL accounts. By 1995, when the AOL was identified for the scam, the phishers had moved to other techniques of security breaches.
The next generation phishing was more advanced and technically sound with email phishing by the year 2000. Through this, they used easy and simple ways to track and create email phishing. By the year 2003, the phishers developed more sophisticated strategies by creating domains which looked like authenticated domains and similar to famous domains such as manager-apple.com or yahoo-info.com from where they started communication through direct email. However, in the same year,Paypal caught the phishing when the Paypal account holders started reporting about emails that asked them about their confidential information in Paypal.
In 2018, the phishing techniques have gone further to more advanced and sophisticated operations. Previously, the phishers continued phishing through two basic techniques namely through email phishing in 2000 and later by domain spoofing in 2003. But in the present context, there are various types phishing namely the vishing, smishing, search engine phishing, spear phishing, whaling etc.
Phishing is a type of cybersecurity breach through which the attackers send malicious emails to the victims. The emails are usually very carefully crafted and articulated so that the victim will open the email without any suspicion. Once the target victim or the recipient of the email opens the email, the phishers get the access to your computer systems and data and information in your system.