Student Corner

Phishing

Written by: Saurav Phuyal - 24035, Grade XI

Posted on: 29 August, 2022

We are all aware of hacking these days. As technology develops, the risk of getting hacked also increases. Hacking can be done in many ways, and phishing is one of them. It is the process of sending messages to victims to trick them into giving up their personal details, including passwords, credit card information, etc.

To carry out this attack, hackers first make fake websites that look similar to the original websites of social media, online payment services, etc. They then use social engineering techniques to send messages to victims in such a way that the victims are compelled to click the link to the fake website attached to the message. Once victims click the link, they are redirected to the fake website created by the hackers, which looks very similar to the original one. The victims then log in on the fake website, after which all the information filled into the form on the fake website, including the password, is sent to the hacker. This is how hacking is performed through phishing.

We can easily find out whether a website is fake or real. We should always visit valid links like https://www.facebook.com, https://www.youtube.com, etc. These are the most commonly used websites and their domains are known by everyone, but if you don’t know the domain of a website, you can always see whether the website is secured or not. If there is https, then we can call it secure, and if there is only http without the s, then we call it an insecure website. There is a high risk of getting hacked on http or insecure websites. Website developers can always fix this issue by adding SSL certificates to the website so that their website visitors feel secure. Hacking is often called illegal in many countries, but it can be performed under some circumstances with permission.

So how do you end up on phishing links? You may get mails from hackers pretending to be a service provider from different organizations like Facebook, PayPal, your bank, etc., asking you to “reset your password” or saying “your account is at high risk, protect your account”, or even giving you different offers that make you expose your personal information on their fake websites. But sometimes you may get such mails from real website managers, so make sure to visit that link and then check the link.

Phishing cannot be performed just by visiting the link. You have to enter data and submit it to successfully get hacked. There is another method of testing whether a website is real or fake: you can simply enter invalid or wrong information in the login section of the website and try logging in. If you get an error saying incorrect password or another similar error, then you are good to go. But if you don’t get any error and get redirected to other websites, then you know that the website is fake and someone is trying to hack your account. It may not always be the login credentials; sometimes hackers may try to gain other personal details as well.

Sometimes connecting to free WiFi in public places can be risky, as hackers may be monitoring your device traffic, so you should always use a VPN (Virtual Private Network) while connecting to such networks. VPNs can sometimes bypass the captive portal as well. A captive portal is a prompt that you get while connecting to some networks asking you to sign in to the network, and this sign-in page can also be a fake phishing site, so make sure to use wrong information first or use the VPN while using free public WiFi.
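
The two link checks described above (is it https, and is the domain the one you know) can be written as a small function. This is an added example, not part of the original article; the `TRUSTED` list and the `.example` links are constructed, and it goes a little beyond the text by also flagging a name placed before "@", a known name used inside another domain, and look-alike letters.

```javascript
// Added example, not from the article. TRUSTED is a constructed allowlist.
const TRUSTED = ["facebook.com", "youtube.com"];

// Returns { verdict, host, reason } for a link copied from a message.
function checkLink(link) {
  let url;
  try {
    url = new URL(link); // same parsing rules a browser applies
  } catch (err) {
    return { verdict: "invalid", host: null, reason: "not a parseable URL" };
  }
  const host = url.hostname.toLowerCase().replace(/\.$/, "");

  // The article's first check: plain http is treated as insecure.
  if (url.protocol !== "https:") {
    return { verdict: "insecure", host, reason: "link does not use https" };
  }
  // Text before "@" is a username, not the site; the real host comes after it.
  if (url.username || url.password) {
    return { verdict: "suspicious", host, reason: "part before @ hides the real host" };
  }
  // Non-ASCII look-alike letters are converted to "xn--" labels by the parser.
  if (host.split(".").some((label) => label.startsWith("xn--"))) {
    return { verdict: "suspicious", host, reason: "internationalized (punycode) host name" };
  }
  // The article's second check: the host is a known domain or a subdomain of it.
  const known = TRUSTED.find((d) => host === d || host.endsWith("." + d));
  if (known) {
    return { verdict: "known", host, reason: "host belongs to " + known };
  }
  // A known name that appears anywhere else in the host is a look-alike.
  const brand = TRUSTED.find((d) => host.includes(d.split(".")[0]));
  if (brand) {
    return { verdict: "suspicious", host, reason: "mentions " + brand + " but is a different domain" };
  }
  return { verdict: "unknown", host, reason: "https, but not a domain on the list" };
}

// Constructed sample links (the .example hosts are placeholders).
const samples = [
  "https://www.facebook.com/login",
  "http://www.facebook.com/login",
  "https://www.facebook.com@signin.example/reset",
  "https://facebook.com.account-check.example/",
  "https://f\u0430cebook.com/", // Cyrillic "а" in place of Latin "a"
  "https://shop.example/",
];
for (const s of samples) console.log(checkLink(s).verdict, "-", s);
```

The "unknown" result for the last sample shows that https alone says nothing about who runs the site; the domain check still has to pass.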

Overall, phishing is not a very legit way of hacking, but it can be serious if someone succeeds in performing this attack. So make sure you always check the link, whether the website is secure or insecure, and the other things mentioned above. And if you are a hacker, then sorry I exposed your method of hacking. Now you all are aware and protected from phishing attacks.