Phishing is a term that we are starting to hear more frequently than we would like. Unfortunately, the greater the digitalization, the higher the risks of suffering a scam or cyberattack. Pablo Plaza Martínez is a cybersecurity analyst at BISITE Research Group, member of the Spanish cybersecurity team and participant in CTF competitions at national and international level; he participates in Module 2a “Cybersecurity Awareness” of C1b3rWall Academy 2021, in a conference entitled “Phishing attacks. Will you fall into the trap?”.

Phishing is a type of fraud that employs social engineering tricks to deceive its victims. The attack is carried out through electronic communications in which the attacker attempts to persuade the victim to interact with a posed bait. The targets are typically:

  • Data theft.
  • Malware distribution.
  • Identity theft.

How can you protect yourself?

The first step would be a study of the target; in this phase, the attacker monitors the social networks of the target or targets, collects information and spies on them. Subsequently, the attacker chooses the most appropriate electronic media for the victim (mail, sms, call, ads…). Then, the victim falls for the bait, i.e., clicks on the link, enters data, downloads a file, etc. Finally, the attacker obtains the data and executes the malware.

There are advanced techniques that allow attackers to execute phishing attacks despite protection such as two-factor authentication. Tools such as Evilginx allow hyper-realistic impersonation of the websites of companies such as Amazon, Google, etc. and steal credentials. Other techniques use malicious devices that look like USB sticks or mice that, when connected to a computer, execute malware or steal data.

You can read the full article on News-365.

Pablo invites us to reflect on the discussed cases, as well as teaches us how to successfully detect phishing cases. To discover all these tips, register for free at C1b3rWall Academy 2021.

You also have the opportunity to delve deeper into this and other issues related to Internet security with the Master’s in Cybersecurity of the University of Salamanca. Registration is now open for the call that will start in February 2022.

More information is available at the following link.

Posted by Juan M. Corchado

Juan Manuel Corchado (15 de Mayo de 1971, Salamanca, España) Catedrático en la Universidad de Salamanca. Ha sido Vicerrector de Investigación desde el 2013 hasta el 2017 y Director del Parque Científico de la Universidad de Salamanca. Elegido dos veces como Decano de la Facultad de Ciencias, es Doctor en Ciencias de la Computación por la Universidad de Salamanca y, además, es Doctor en Inteligencia Artificial por la University of the West of Scotland. Dirige el Grupo de Investigación Reconocido BISITE (Bioinformática, Sistemas Inteligentes y Tecnología Educativa), creado en el año 2000. Director del IOT Digital Innovation Hub y presidente del AIR Institute, J. M. Corchado también es Profesor Visitante en el Instituto Tecnológico de Osaka desde enero de 2015, Profesor visitante en la Universiti Malaysia Kelantan y Miembro del Advisory Group on Online Terrorist Propaganda of the European Counter Terrorism Centre (EUROPOL). J. M. Corchado ha sido presidente de la asociación IEEE Systems, Man and Cybernetics, y coordinador académico del Instituto Universitario de Investigación en Arte y Tecnología de la Animación de la Universidad de Salamanca e investigador en las Universidades de Paisley (UK), Vigo (Spain) y en el Plymouth Marine Laboratory (UK). En la actualidad compagina toda su actividad con la dirección de los programas de Máster en Seguridad, Animación Digital, Telefonía Movil, Dirección de Sistemas de Información, Internet de las Cosas, Social Media, Diseño e Impresión 3D, Blockchain, Z System, Industria 4.0, Gestión de Proyectos Ágiles y Smart Cities & Intelligent Buildings​, en la Universidad de Salamanca y su trabajo como editor jefe de las revistas ADCAIJ (Advances in Distributed Computing and Artificial Intelligence Journal), OJCST (Oriental Journal of Computer Science and Technology) o Electronics MDPI (Computer Science & Engineering section). J. M. Corchado desarrolla principalmente trabajos en proyectos relacionados con Inteligencia Artificial, Machine Learning, Blockchain, IoT, Fog Computing, Edge Computing, Smart Cities, Smart Grids y Análisis de sentimiento.