Phishing (translated into Czech as fishing), is a fraudulent technique used on the Internet to obtain sensitive data of the injured party ( passwords, credit card numbers, telephone numbers, etc. ) in electronic communication. To attract a trusting public, the communication pretends to come from popular social networks ( Facebook, Instagram, Twitter, etc. ), auction sites, online payment portals, government agencies, or from IT administrators.

Example of a typical e-mail phishing with an explanation.
The principle of phishing is typically sending e-mail messages or chat messages, which often prompt the recipient to enter personal information on a fake page, the appearance of which is almost identical to the official one. For example, the site may mimic an Internet banking login window. The user enters his login name and password. This reveals the data to attackers, who are then able to steal money from his account.

Telephone phishing
Not all phishing methods require fake sites. Reports that they are from the bank have encouraged users to call a certain number with reference to problems with their bank accounts. As soon as the client called the specified number (owned by the attacker and provided by the Voice over IP service), he was asked to enter the account number and PIN. So-called Vishing (from English voice phishing) sometimes uses fake caller ID. It gives the impression that he is calling from a trusted organization.

Phishing is an example of a social engineering technique used to deceive users by exploiting the vulnerabilities of current security technologies and their implementation. Protection against the growing number of reported cases of phishing includes legislation, user training, public awareness and technical measures.

Have you been a victim of Phishing?