What is Vishing, Smishing, Pharming, and Whaling
Vishing
Vishing is also phishing. It uses voice VoIP communication technology for fraud—the criminals spoof calls from legitimate sources using voice over IP (VoIP) technology.
The victim can receive a recorded message that appears legitimate. Vishing works just like phishing, but it does not always occur over the Internet and is carried out using voice technology. Vishing attacks also use voice emails, landlines, and telephones.
It is not easy for authorities to trace vishing, especially when the criminals use VoIP. Criminals aim to get credit card numbers or other information to steal the victim’s identity. Vishing takes advantage of the fact that people trust the telephone network.
Smishing
Smishing is Short Message Service Phishing. It uses text messaging on cellular phones. Criminals masquerade as a legitimate source to gain the trust of the victim. It is an attack in which the user is tricked into downloading a Trojan horse, virus, or other malware into his cellular phone or other mobile devices.
Pharming
Pharming is a scamming practice in which the impression of a legitimate website to mislead users into entering their credentials. It redirects victims to a fake website that appears to be official.
Victims then enter their personal information, thinking they are connected to a legitimate site. Pharming also installs malicious code on a personal computer or server, misdirecting victims to fraudulent Web sites unknowingly. In pharming, more users’ computers get infected because it is not needed to target people one by one, just like phishing.
Some criminals send a code to an e-mail that modifies local host files on a personal computer. A computer with a compromised host file will redirect to the fake website even if a user types a correct Internet address.
Domain name system poisoning is another method of pharming. in which the domain name system table in a DNS server is modified so that someone wants to access legitimate websites but is directed toward a fake one. This method does not require changing the host file on the personal computer.
Anti-spyware programs cannot fix this pharming because nothing needs to be technically wrong with the end-users computers.
Gene pharming is another type of pharming. In this type of pharming, human proteins are produced from animal DNA alterations. These proteins are found in the blood, eggs, or milk of the animal. Therefore, livestock can produce several useful drugs.
Whaling
Whaling is also phishing. It targets high-profile targets, such as senior executives and government organizations. Criminals also target politicians and celebrities. Whaling is also called a whaling phishing attack.
The attacker’s goal of whaling phishing attacks is to manipulate the victim into authorizing high-value wire transfers to the attacker. Because of their high value, the whaling attacks are more complex to detect than standard phishing attacks. The security administrators in an organization can reduce the effectiveness of whaling attacks by providing security awareness training to the management staff.
The whaling attack tricks personal or corporate information through social engineering, email engineering, and content spoofing. The attackers may send emails from trusted sources, and some attackers may create a malicious website.
The attackers also provide the target’s name, job titles, etc. Whaleing attacks usually depend on social engineering. The attackers may send hyperlinks or attachments to infect victims with malware.