SMiShing is phishing in which victims are baited by SMS text messaging. Phaxing is phishing in which victims are baited to fill out information on a sheet of paper and fax it into a fax number. Vishing is phishing wherein victims are baited to give credit card information. I guess if I text you and ask you to photo copy both sides of your credit card and fax it into 555-DUMB that would be a SMiShing/phaxing vishing attack. Blanket phishing attacks such as these are only going to get a small percentage of victims through the funnel to a "conversion" (stealing a sales term). An approach which starts with a smaller pool yet ultimately yields more conversions than could be gained through traditional phishing is called spear phishing. (I mean to convey: The top of the spear phishing "sales funnel" is smaller than that of the phishing "sales funnel" but the bottom of the spear phishing "sales funnel" is larger than that of the phishing "sales funnel.") In spear phishing one baits a respond not from the whole of the online/not Amish public, but from a targeted subset, members of a particular company or shopping habit, etc. The targeted messages are more believable.
No comments:
Post a Comment