When saying fiskning today, it can be answered that many people do not know about it at all as the term could be relatively unknown in today’s rapidly developing digital environment. Still, it is an important concept in the sphere of cyber security and a more general concern with the use of the Internet. While the term ‘fisking’ as such may not be very familiar beyond the Scandinavian countries, the concept behind it is rather not. This post is concerned with a description of what fiskning means, how it is done, its consequences, and practical measures that can be taken to avoid falling prey to a fiskare.
What is Fiskning?
Fiskning is a Swedish word that means ‘phishing’ in English. It relates to a form of intercession where the attackers mimic other genuine personnel to deceive the users into revealing their details including; user names, passwords, or credit card details. It derives from the idea of ‘fishing’ and refers to the fact that terrorists attract the targets’ personal information through seemingly legitimate messages or websites.
Origins of Fiskning
Phishing, and therefore fiskning, was born, as a method, from the mid-1990s, as the use of the internet gradually became more and more part of normal life. When electronic mail emerged as one of the most often used means of getting in touch with other individuals, the criminals saw a perfect chance to deceive people and make them think they were dealing with a reliable organization, for example, a bank or a large company. The attackers would send emails that were in most cases looked as authentic, the receivers would click on links or download attachments which would compromise their details or get their computers infected with viruses.
Evolution of Fiskning
With time, fiskning has increased in complexity and the number of its developed forms. Phishing used to be simple to detect for the most ridiculous mistakes in grammar or the email address itself looked like a clear forgery. While fiskning used to be quite crude, the techniques used today are far more sophisticated, which include using very elaborate social engineering tricks and manufacturing state-of-the-art fake websites or messages.
Types of Fiskning
Fiskning can mean fishing, where money is chiseled away in great chops, the targets presupposing the methods, and back again. The following are the various types of phishing; fortunately, by familiarizing with all of them, one can minimize them.
Email Phishing
Email phishing is the most common form of phishing assaulting the unknown individual in one’s contact list. In this case, the attackers launch phishing emails to the targeted users and these emails appear to have originated from legitimate websites. It includes emails that are marked as important with a request to perform some action right away, for instance, change the password or check the account information. As pointed out earlier the links provided most times take users to websites that are imitations to collect login information or any other sensitive information.
Spear Phishing
Spear phishing is even more serious than simple phishing. Instead of flooding the inboxes of thousands of people with so-called spam messages, attackers create personalized emails for receivers. In many cases, they adopt details retrieved from social networks, or other Internet sources to add credibility to their messages.
Whaling
Whaling is a very specific type of spear phishing that is directed at such individuals as CEOs, CFOs, or other heads of companies. The term used is ‘whaling’ because the targets are referred to as big fish in the business world. Such attacks are very specific and can prove to be fatal if the attacker is successful in his/her attempt.
Techniques Used in Fiskning
Fiskning employs numerous tactics that make a victim perceive something that is not true or does something based on the instructions of the perpetrator. Such techniques usually rely on getting around human psychology and the inherent disposition to believe in authority.
Social Engineering
Most fiskning attacks have at their center the practice of social engineering. It entails coercion or persuading of individuals to go against their standard safety measures or release sensitive information. Other factors that are common in the attacks are feelings of fear, greed, or curiosity through which, the individual is manipulated into deciding without necessarily thinking about the outcome.
Spoofing
Spoofing is a method in which the attacker camouflages and propagates an injurious message in the form of an esteemed sender’s message. This may include forging the email address of the sender, telephone number, or internet protocol address of the website link that is included in the message. Spoofing remains a thorn in the side of the intended recipient because it becomes hard for him/her to differentiate between what is original and what is fake.
Fake Websites
There is normally a mimicking of the website of the targeted organization to deceive the users. Such sites are inherently created for phishing, that is, for entering your login and password, card number, or any other valuable data.
Impacts of Fiskning
Fiskning is well known for bringing various disastrous consequences on individuals, business entities as well as on governments. The effects can go from money loss to loss of identity and dreadful harm to the organization’s image.
Financial Loss
The first and perhaps the most apparent effect of fiskning is, therefore, economic. They might for instance wire money to strangers, or have their accounts compromised through identity theft and other electronic frauds. Spear phishing or whaling attacks can be particularly costly to businesses, and cause huge financial losses.
Identity Theft
Fiskning can result in identity theft where the attacker assumes the identity of the victim just by using the information that has been obtained from the victim. This can lead to the intruder gaining access to the victim’s bank accounts, credit cards, loans obtained in their credit profile, or any malicious activities conducted under the victim’s identity.
Reputational Damage
For businesses, a fiskning attack can harm them simply because they get caught in the act, and suffer reputational damage. Customers might also be let down and therefore shun the use of the company’s services which in turn means loss of business. In some cases, the result of the attack can be legal proceedings and or fines for violation of certain regulations.
Operational Disruption
Fiskning can create business interruptions and can be exceptionally damaging if it involves infected malware in the systems of the company. In the worst-case scenario, it is possible to fully eliminate entire networks, stop work, and bring significant material and non-material damage.
How to Protect Against Fiskning
Although fiskning poses a great threat to individuals and organizations, there are several ways in which people and firms can protect themselves.
Education and Awareness
It is in this light that education has been said to be one of the most viable means of combating fiskning. Phishing attempts should be raised by individuals and the employees so that they can be in a position to distinguish the kind of approaches which are employed by the attackers. The quiet times and Phishing tests can be of benefit to reinforce this knowledge of the personnel.
Email Filtering
Maintaining strict email filtering measures can assist in filtering out phishing emails so as not to be delivered to the receiver. Such systems can be adjusted to look for known phishing patterns, links, and forged e-mail addresses.
Regular Software Updates
To prevent fiskning related software one has to ensure that the software’s are updated always. Some of the security patches and updates are in response to possible openings that attackers could capitalize on. This minimizes the danger of a successful attack, as all systems and applications are up to date.
Verify Before Trusting
People should be advised to always ensure that a particular communication received is authentic before moving to the next step. This might include dialing the number of the assumed sender to be genuine, evaluating the address of a website carefully, or discussing with another person, or an IT department.
Conclusion
Phishing or Fiskning, is one of the most common Online frauds or Internet crime practices and is still a clear and present danger. Since its emergence and given its continuous development and the elaborate methods used by the perpetrators, infection poses a threat to individuals and organizations. But if one understands what fiskning is and the predispositions of the method, the threats may be eliminated, and the users remain shielded from such attacks. Prevention and prevention alone is the best method that one should employ when it comes to protection against cyber-criminals in the ever-complicated world of computer and technology security.
FAQs
What is fiskning and what does the modern version try to achieve?
However, the primary purpose of fiskning is to learn individuals’ details including login details, credit card details, or any other personalized information by pretending to be proceeding from a genuine source.
What are the signs that I am being phished?
Fake emails are usually written with messages of high sense of urgency, they will request the user to provide more information about themselves, be full of grammatical errors, or come from new senders that the user has never communicated with before. Scammers may spoof the sender’s address and links to obscure locations can be revealed with the balance of the mouse pointer.
Is it possible to perpetrate phishing through the use of social media platforms?
Yes, phishing attacks can be initiated through social media apps. Scammers also pose as friends or unsuspicious senders to reciprocated users into clicking on dangerous links or responding with details about themselves.
Can fiskning be prevented with one hundred percent certainty?
Although one is not able to fully eliminate fiskning, proper security measures, being aware of the different varieties of fiskning, and avoiding them reduce the rates of getting trapped in such attacks.
What other aspect might hint at the fact that ‘this’ site is in fact, a real-life phishing site?
I think that this is exactly what makes a phishing site; it is spelled wrong, uses no or wrong https, is badly designed, and asks for personal information. In all the sites it is important that you confirm the URL you are working with and also alert for securities before entering any information.
