Phishing is an unlawful activity where fake websites or emails that look original or authentic are presented to the user to fraudulently collect sensitive and personal details, particularly usernames, passwords, banking and credit card details. The most common phishing method is through email spoofing where a fake or forged email address is used and the user presumes it to be from an authentic source. So you might get an email from an address that looks similar to your bank or educational institution, asking for your information, but if you look carefully you will see their URL address is fake. They will often use logo’s of the original, making them difficult to detect from the real! Phishing attempts through phone calls or text messages are also common these days.
Identity Theft
Identity thieves increasingly use personal information stolen from computers or computer networks, to commit fraud by using the data gained unlawfully. A user’s identifiable personal data like demographic details, email ID, banking credentials, passport, PAN, Aadhaar number and various such personal data are stolen and misused by the hacker on behalf of the victim. This is one type of phishing attack where the intention is largely for monetary gain. There can be many ways in which the criminal takes advantage of an individual’s stolen identity.
Given below are a few examples:
• Financial identity theft: when the stolen identity is used for financial gain.
• Criminal identity theft: criminals use a victim’s stolen identity to avoid detection of their true identity.
• Medical identity theft: criminals can seek medical drugs or treatment using a stolen identity.