Types of Phishing Attacks
- Man in the middle attack (MITM)
The man-in-the-middle attack is a type of session hijacking that interrupts the TCP session between the client and the server. In this type of attack, the attackers monitor the communication between two end-users and modifies the information. This attack also requires an ability for accessing network packets over the computer network. The hijacking of the running session, theft of sensible information, traffic analysis to obtain information about the network, or corrupting the transmitted data to the server are the main objectives of this attack.
Any person can be man-in-the-middle attacker who is working for an Internet Service Provider (ISP) since they have the authority to access the network packets of the entire network. The attacker can use routing, sniffing and transport protocols for implementing this attack. For example, if two people or parties are communicating with each other, the malicious attacker can get into the conversation and gain access to the information that is being exchanged between the two persons or parties. The attacker can change the original message of the sender by controlling communication. The attacker can gain access to the information or can modify the original message in such a way that both the sender and receiver remain unaware of it until it becomes too late.
- Cross site scripting (XSS).
XSS attack is generally performed by injecting code injection in the url parameters or input data field . Generally xss is carried out by url formatting . XSS may be persistence or DOM based . XSS is counted in top 10 vulnerability list according to owasp top 10 2013
- URL Redirection
Attacker share a link to the target user which on opening redirects to the phishing page . Attacker tries to keep the link as similar as the original so that there are less chances of being caught . This is one of the traditional methods of performing the phishing attack . Generally user shares such links over personal chats or emails.
- Site cloning
Site cloning is generally performed directly by the social engineering Toolkit (SET) which comes pre-installed in kali linux . It creates the clone of sites on the local ip of the attacker. When the target & attacker both share the same network , site cloning is useful.
- Keylogger or Malware Based
Attacker can inject malware into the target system by the means of e-mail or any method or install the keylogger which tracks every activity of the target and anonymous sends the data record to the attacker when target system goes online.
besides these attacks there are some other types of phishing attacks which also plays an important role. Some are:
- Fake Search engine
- Client Side attack
- DNS Redirection Attack