攻击者使用多种类型的电子邮件攻击来窃取用户的机密信息。机密信息可能包括登录凭据、银行卡详细信息或任何其他敏感数据。网络钓鱼和 Vishing 也是此类攻击。
1. 网络钓鱼:
网络钓鱼是一种电子邮件攻击,攻击者试图通过电子通信以欺诈方式寻找用户的敏感信息,意图来自相关的受信任组织。攻击者精心设计电子邮件以针对某个群体,单击链接会在计算机上安装恶意代码。
例子 –
- 从用户那里窃取银行交易密码。
- 窃取用户的登录凭据。
2. 维希:
Vishing 是一种网络攻击,其中使用语音通信从一群人那里窃取机密数据。在 vishing 中,攻击者伪装成相关且可信赖的公司的员工,通过语音通话欺骗目标提供敏感信息。
例子 –
- 向用户索取银行交易一次性密码。
- 要求用户提供 UPI PIN。
网络钓鱼和网络钓鱼的区别:
| PHISHING | VISHING |
|---|---|
| Phishing attack is targeted for a wide range of people through emails. | Vishing attack is also targeted for a wide range of people through voice communication. |
| Victim needs to click on malicious links. | Victim needs to tell the information on own. |
| It is an automated attack. | While it is a manual attack. |
| A single attacker can send various emails at a time. | Voice calling to target can be done by a attacker one a time. |
| It has more accuracy. | It has less accuracy. |
| It is more used now-a-days. | It was mostly used in earlier days but still attackers use it. |
| The attackers involved in phishing are cyber criminals or professional hackers. | While the vishing attackers are not expert in hacking. |