Trust is now the most important factor in anything. In business, we require trust with the customer who is using the product and there are more where trust plays the key role. Nowadays attackers have started to play with the trust of the user. So there are many ways this attacker can play, but one of the ways that we are going to be talking about is clone phishing.
This attack is actually based on copying the email messages that were sent from a trusted source. Now the hackers alter the information by adding a link that redirects the user to a malicious or fake website. Now, this is sent to a large number of users and the person who initiated it watches who clicks on the attachment that was sent as a mail. This spreads through the contacts of the user who has clicked on the attachment and the mail appears to be coming from the source.
Phishing vs clone phishing :
- Phishing –
This method is used to attack a large number of users with the expectation that many will respond to the email. But there are only fewer people who respond to this kind of email. The email that will be sent to the user can be sent in many forms like in the form of an attachment or the form of a link.
For example; an email is sent to the user that he/she has won a lucky draw winner and please click on the below link. Now the user without verifying whether the user has won or not they will click on the link and malware might be downloaded into the system of the user. Or the user might be taken to an infected website where they will ask for some information related to the bank details.
- Clone Phishing –
This method is slightly different from the method of phishing. In clone phishing, the attackers copy the original message and convert it by altering some attachments or links with the malicious ones.
The function of Clone Phishing :
The way this clone phishing attack takes place/functions:-
- The attacker first copies the original message that was sent from any trusted source.
- The attacker then alters some of the information in the email with the malicious ones.
- They will send this attachment from a fake email address that will make the user/victim to thinking, it came from a trusted source.
So attacker players with the trust of the people in this manner.
How to find that the mail is a clone phishing attack(Prevention and identifying)?
- If the user gets an email that appears to be from any source that seems to be suspicious, don’t open any attachments.
- There will be some misspellings and grammatical errors in the email.
- If the email of your friend appears to be strange contact the person immediately, to confirm the email was sent from your friend or not.
- Users should have any antivirus to scan for any malicious files.