Types of Phishing

Types of Phishing (Explain a paragraph or 3 to 6 lines for each) • Phishing through search Engines • Vishing • Smishing • Key logger • Social Engineering • Domain spoofing • Website forgery • Trojan • Malware • Ransomware • Malvertising • Spear Phishing • Session Hijacking • Content injection • Link Manipulation • Whaling • Email/spam • Web based delivery Root Cause or reason for phising (Explain a paragraph or 3 to 6 for each) • Identity theft • Financial Gain • Password harvesting • Gain recognition • Exploit security hole • Brand Tarnishing • Data theft Causes of Phising (Explain a paragraph for each) • Security Flaws • Weak passwords • Non secure desktop • No user awareness • Weak auth or no MFA • Access control list • Software not up to date • Browser Vulnerabilities • Open ports and misconfigured services exposed to internet • Poor endpoint detection Detection of Phishing (Explain a paragraph for each) • Domain name detection • Language Used • UI Detection • Signature • Tools to detect • Suspicious attachments • Suspicious links • Message with sense of urgency • Awareness creation • Unbelievable deals and Offers Prevention of Phising (Explain a paragraph for each) • Enforcing strong passwords • Implement MFA • Creating security awareness programs • Monitoring open RDP ports • Hardening conditional access policies • Security policies • Avoiding clicking links and attachments • Spam Guarding • Install anti virus , anti spam software