In today’s digital world, we use the internet for everything—from sending a meme to a friend to sending an important work email. But not everything on the internet is safe.
Cybercriminals are always fishing for your money and personal information, and one of their favourite tricks is called phishing. They bait you with fake emails, messages, or links, hoping you will take the bait.
Phishing is a type of cyberattack where scammers trick people into giving money, sharing personal information or downloading harmful software.
There are many ways in which phishing can happen such as through emails, text messages, phone calls, or fake websites that look real.
This cybercrime targets people, and cybercriminals use emotional manipulation, fake stories, and pressure to make you act without thinking.
Usually, a phisher pretends to be someone you know or are familiar with - a colleague, your boss, a government official, or a well-known company. They may ask you to pay a fake invoice, click a link, open an attachment, or share passwords.
And most of the time, people do it because the message looks real and more often than not, people take the bait. They follow the instructions, and that’s when the scam works.
The “invoice” could send money straight to the scammer. An attachment could install harmful software on your device. A link could take you to a fake website that steals your bank account or credit card details.
There are multiple ways in which scammers make use of this technique:
Bulk email phishing: Scammers send spam emails to large numbers of people, hoping some will fall for the trap.
Spear phishing: A targeted attack on a specific person, often someone with access to sensitive data or authority.
Business email compromise (BEC): A form of spear phishing that aims to steal money, trade secrets, or valuable business information.
Smishing: Phishing through SMS, often pretending to be your service provider with fake offers or requests.
Vishing: Phishing done via phone calls to trick victims into giving personal information.
Social media phishing: Scammers use social media messages to lure victims, just like with emails or texts.
Some recent developments in phishing include:
AI phishing: Scammers use AI to craft highly convincing, personalised messages that avoid common red flags.
Quishing: Phishing using fake QR codes that lead to malicious websites or downloads.
Hybrid vishing: Combines phone calls with other phishing methods to gain trust and bypass filters.
Phishing is common because it targets individuals. Hackers don’t need to do complicated coding or break through firewalls; they depend on and hope for people to make mistakes.
Phishers may work alone or could be a group of scammers targetting with carefully planned out mails and messages. Their objective may vary. They could be trying to steal money, personal information, or company secrets, taking over accounts, or even committing fraud.
They target everyone - from individuals to big companies and government offices.
Normal security tools don’t always work when you are getting phished. Awareness is the key: suspicious emails, unexpected links, and unusual requests. Being careful and aware can stop scammers from succeeding.
In cybersecurity, prevention is always better than cure. It is important to understand what phishing is and to avoid clicking on links or downloading apps unless they are verified.
However, if someone believes they have fallen victim, they can contact the national cyber helpline at 1930 or report the crime to the police. Following official channels like the “CyberDost” social media accounts can also help people stay informed about ongoing cybercrimes.
On the internet it is always important to remember to not take the bait. Staying alert, spotting suspicious links, and reporting scams can help you avoid getting caught in a phishing trap and keep your personal information safe.
