<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Document</title>
<link rel="stylesheet" href="special.css">
</head>
<body>
<h2>
<a class="special" href="https://www.google.com/">Google</a>
<br>
Phishing is a form of social engineering and <a href="https://aeonshop24h.com/account/login">spam</a> where attackers deceive people into revealing sensitive information[1] or installing malware such as ransomware. Phishing attacks have become increasingly sophisticated and often transparently mirror the site being targeted, allowing the attacker to observe everything while the victim is navigating the site, and traverse any additional security boundaries with the victim.[2] As of 2020, it is the most common type of cybercrime, with the FBI's Internet Crime Complaint Center reporting more incidents of phishing than any other type of computer crime.[3]
The term "phishing" was first recorded in 1995 in the cracking toolkit AOHell, but may have been used earlier in the hacker magazine 2600.[4][5][6] It is a variation of fishing and refers to the use of lures to "fish" for <a href="https://caixaparticular.com/">sensitive information</a>.
Measures to prevent or reduce the impact of <a href=" https://bit.ly/4aBRgs5">Phishing Attack</a> include legislation, user education, public awareness, and technical security measures.[9] The importance of phishing awareness has increased in both personal and professional settings, with phishing attacks among businesses rising from 72% to 86% from 2017 to 2020.[10]
</h2>
<p> Email phishing
Phishing attacks, often delivered via email spam, attempt to trick individuals into giving away sensitive information or login credentials. Most attacks are "bulk attacks" that are not targeted and are instead sent in bulk to a wide audience.[11] The goal of the attacker can vary, with common targets including financial institutions, email and cloud productivity providers, and streaming services.[12] The stolen information or access may be used to steal money, install malware, or spear phish others within the target organization.[5] Compromised streaming service accounts may also be sold on darknet markets.[13]
This type of social engineering <a href="https://www.adyilian.com/">attack</a> can involve sending fraudulent emails or messages that appear to be from a trusted source, such as a bank or government agency. These messages typically redirect to a fake login page where the user is prompted to enter their login credentials.
Spear phishing
Spear phishing is a targeted phishing attack that uses personalized emails[14] to trick a specific individual or organization into believing they are legitimate. It often utilizes personal information about the target to increase the chances of success.[15][16][17][18] These attacks often target executives or those in financial departments with access to sensitive financial data and services. Accountancy and audit firms are particularly vulnerable to spear phishing due to the value of the information their employees have access to.[19]
The Russian government-run Threat Group-4127 (Fancy Bear) (GRU Unit 26165) targeted Hillary Clinton's 2016 presidential campaign with spear phishing attacks on over 1,800 Google accounts, using the accounts-google.com domain to threaten targeted users.[20][21]
A study on spear phishing susceptibility among different age groups found that 43% of youth aged 18-25 and 58% of older users clicked on simulated phishing links in daily emails over 21 days. Older women had the highest susceptibility, while susceptibility in young users declined over the study, but remained stable in older users.[22]
Whaling and CEO fraud
Whaling attacks use spear phishing techniques to target senior executives and other high-profile individuals[23] with customized content, often related to a subpoena or customer complaint.[24]
CEO fraud involves sending <a href="nguyentandung.org">fake</a> emails from senior executives to trick employees into sending money to an offshore account.[25] It has a low success rate, but can result in organizations losing large sums of money.[26]
Clone phishing
Clone phishing is a type of attack where a legitimate email with an attachment or link is copied and modified to contain malicious content. The modified email is then sent from a fake address made to look like it's from the original sender. The attack may appear to be a resend or update of the original email. It often relies on the sender or recipient being previously hacked so the attacker can access the legitimate email.[27][28]
Voice phishing
Voice over IP (VoIP) is used in vishing or voice phishing attacks,[29] where attackers make automated phone calls to large numbers of people, often using text-to-speech synthesizers, claiming fraudulent activity on their accounts. The attackers spoof the calling phone number to appear as if it is coming from a legitimate bank or institution. The victim is then prompted to enter sensitive information or connected to a live person who uses social engineering tactics to obtain information.[29] Vishing takes advantage of the public's lower awareness and trust in voice telephony compared to email phishing.[30]
SMS phishing
SMS phishing[31] or smishing[32][33] is a type of phishing attack that uses text messages from a cell phone or smartphone to deliver a bait message.[34] The victim is usually asked to click a link, call a phone number, or contact an email address provided by the attacker. They may then be asked to provide private information, such as login credentials for other websites. The difficulty in identifying illegitimate links can be compounded on mobile devices due to the limited display of URLs in mobile browsers.[35] Smishing can be just as effective as email phishing, as many smartphones have fast internet connectivity. Smishing messages may also come from unusual phone numbers.[36]
Page hijacking
Page hijacking involves redirecting users to <a href="https://www.hydlist.com">malicious</a> websites or exploit kits through the compromise of legitimate web pages, often using cross-site scripting. Hackers may insert exploit kits such as MPack into compromised websites to exploit legitimate users visiting the server. Page hijacking can also involve the insertion of malicious inline frames, allowing exploit kits to load. This tactic is often used in conjunction with watering hole attacks on corporate targets.[citation needed]
Calendar phishing
Calendar phishing involves sending fake calendar invitations with phishing links. These invitations often mimic common event requests and can easily be added to calendars automatically.[37] To protect against this form of fraud, former Google click fraud czar Shuman Ghosemajumder recommends changing calendar settings to not automatically add new invitations.[38]
Quishing
QR codes have been used maliciously in phishing attacks.[39] The term "quishing" involves deceiving individuals into thinking a QR code is <a href=" https://vip-doji.com/index/user/login">harmless</a> while the true intent is malicious, aiming to access sensitive information.[39] Cybercriminals exploit the trust placed in QR codes, particularly on mobile phones, which are more vulnerable to attacks compared to desktop operating systems.[39] Quishing attacks often involve sending QR codes via email, enticing users to scan them to verify accounts, leading to potential device compromise.[39] It is advised to exercise caution and avoid scanning QR codes unless the source is verified.[39]</p>
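<p>The lookalike domain mentioned under spear phishing (accounts-google.com) and links whose visible text hides the real target can be triaged mechanically before a user ever clicks. The following is an added example, not part of the original page; TRUSTED, SHORTENERS, the function names and the sample links in the comments are illustrative assumptions.</p>

```javascript
// Added example: defensive link triage for mail or web content filters.
// TRUSTED and SHORTENERS are assumed lists; use your own allowlist in practice.
const TRUSTED = ["google.com"];
const SHORTENERS = ["bit.ly", "tinyurl.com", "t.co"];

// Matches visible link text that itself looks like a host name or URL.
const HOST_IN_TEXT = /^(?:https?:\/\/)?([a-z0-9.-]+\.[a-z]{2,})/;

// True when host is the domain itself or one of its subdomains.
function isSameOrSubdomain(host, domain) {
  return host === domain || host.endsWith("." + domain);
}

// Returns a list of findings for one link (href plus its visible text).
function triageLink(href, visibleText) {
  let url;
  try {
    url = new URL(href.trim());
  } catch (err) {
    // No scheme (e.g. "example.org"): resolves relative to the page, not where it seems.
    return ["unparseable-or-relative-url"];
  }
  const findings = [];
  const host = url.hostname.toLowerCase();

  // Lookalike: brand label appears in the host, but the host is not inside
  // the trusted domain (accounts-google.com versus accounts.google.com).
  for (const domain of TRUSTED) {
    const brand = domain.split(".")[0];
    if (host.includes(brand) && !isSameOrSubdomain(host, domain)) {
      findings.push("lookalike-of-" + domain);
    }
  }

  // Shortened links hide the real destination from the reader.
  if (SHORTENERS.some((s) => isSameOrSubdomain(host, s))) {
    findings.push("url-shortener");
  }

  // Visible text names one host while the link goes to an unrelated one.
  const shown = visibleText.trim().toLowerCase().match(HOST_IN_TEXT);
  if (shown && !isSameOrSubdomain(host, shown[1]) && !isSameOrSubdomain(shown[1], host)) {
    findings.push("text-target-mismatch");
  }
  return findings;
}
```

The brand check is a substring match, so it is a triage signal for review rather than a verdict; an empty result means none of these three patterns fired, not that the link is safe.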
</body>
</html>