Phishing: Definition, Forms and Security Measures Essay

Exclusively available on Available only on IvyPanda® Made by Human No AI

Many of you have probably heard about the term “phishing.” However, not many may be aware of its meaning hence the purpose of this newsletter. Phishing is a form of cyberattack whereby victims are reached by an individual impersonating a genuine organization or person by email or message trick them into giving critical or confidential information, like bank account numbers (Rains, 2020). There are different forms of phishing attacks, including Spear phishing, whaling, and others. Most individuals are at risk of being the victims of such attacks daily. One never knows when they will be the victim, which is why every Sifers-Grayson employee and non-technical manager needs to take this newsletter seriously.

Spear phishing attacks have been on the rise in recent years. A spear-phishing assault is when a hacker customizes an email using the victim’s identity, role, organization, office phone number, and other details to fool the victim into thinking they are communicating with the actual sender (Kwak et al., 2020). Hackers might combine email spoofing with configurable URLs and drive-by installations for spear-phishing attacks to get around safety measures. More precisely, sophisticated spear-phishing assaults might take advantage of software weakness loopholes in browsers and plug-ins. The spear-phishing attempt could be a precursor to executable downloads, outgoing Trojan connections, and data breaches in the future.

The whaling assault is a special kind of phishing attack that targets high-ranking businesses, officials, and personalities as its intended victims. In a whaling assault, the target is tricked into divulging personal or company data through email or webpage impersonation (Rains, 2020).

To deceive targets into disclosing confidential information via email or accessing a faked site that imitates a reputable entity and requests private information like transaction or bank details. Case in point, recently, the most common form of spear phishing has been Business Email Compromise (BEC). According to Bakarich and Baranek (2020), a BEC hack uses a purportedly valid email address to persuade the recipient to perform a specific action. Using a BEC attack, the hacker typically wants the intended company to believe that they are doing a genuine commercial transaction while wiring funds to the hacker. Spear phishing scams prey on those who post their private info online.

Employees should be extra attentive to avoid falling victim to a phishing scam. Often, phishing communications have tiny inaccuracies that reveal their genuine credentials, like spelling issues and alterations to web addresses, which a person may easily detect. Individuals should avoid responding to these sorts of emails to prevent being scammed. Other strategies to avoid falling for phishing scams include constantly updating your antivirus software, ensuring continuous cybersecurity training to the staff, ensuring that workers do not save or share sensitive and private data online.

More importantly, the organization should amend its financial policies to ensure that nobody can authenticate a money transfer through email. Likewise, businesses should invest in workarounds that can analyze incoming emails for phishing scams and block potentially malicious links, set up strict verification processes, create two-factor authentication, and encourage employees to use strong passwords.

Workers should promptly notify the IT Security Team or relevant personnel in charge of security protocol of any phishing attack they may have come across. Companies must create incident response teams (IRT) dedicated to addressing cybersecurity issues. Immediate reporting is crucial in halting the attackers since the IRT can take action and inform everyone else in the company of possible phishing attacks as soon as they are detected. Prompt reporting will enable employees to take temporary safety measures such as shutting down servers or backing up data before the attack ultimately compromises the organization. In turn, the organization can rescue crucial data and protect the employee and customer data from the breach.

References

Bakarich, K. M., & Baranek, D. (2020). Something phish-y is going on here: A teaching case on business email compromise. Current Issues in Auditing, 14(1), A1-A9.

Kwak, Y., Lee, S., Damiano, A., & Vishwanath, A. (2020). Why do users not report spear-phishing emails?. Telematics and Informatics, 48, 101343. Web.

Pienta, D., Thatcher, J. B., & Johnston, A. (2020). Protecting a whale in a sea of phish. Journal of Information Technology, 35(3), 214-231. Web.

Rains, T. (2020). Cybersecurity Threats, Malware Trends, and Strategies. Packt Publishing.

More related papers Related Essay Examples
Cite This paper
You're welcome to use this sample in your assignment. Be sure to cite it correctly

Reference

IvyPanda. (2022, November 29). Phishing: Definition, Forms and Security Measures. https://ivypanda.com/essays/phishing-definition-forms-and-security-measures/

Work Cited

"Phishing: Definition, Forms and Security Measures." IvyPanda, 29 Nov. 2022, ivypanda.com/essays/phishing-definition-forms-and-security-measures/.

References

IvyPanda. (2022) 'Phishing: Definition, Forms and Security Measures'. 29 November.

References

IvyPanda. 2022. "Phishing: Definition, Forms and Security Measures." November 29, 2022. https://ivypanda.com/essays/phishing-definition-forms-and-security-measures/.

1. IvyPanda. "Phishing: Definition, Forms and Security Measures." November 29, 2022. https://ivypanda.com/essays/phishing-definition-forms-and-security-measures/.


Bibliography


IvyPanda. "Phishing: Definition, Forms and Security Measures." November 29, 2022. https://ivypanda.com/essays/phishing-definition-forms-and-security-measures/.

If, for any reason, you believe that this content should not be published on our website, please request its removal.
Updated:
This academic paper example has been carefully picked, checked and refined by our editorial team.
No AI was involved: only quilified experts contributed.
You are free to use it for the following purposes:
  • To find inspiration for your paper and overcome writer’s block
  • As a source of information (ensure proper referencing)
  • As a template for you assignment
1 / 1