Phishing attacks have become very popular in recent times. Day by day, attackers are launching new and advanced phishing techniques. Phishing emails and phishing sms are spreading on a larger scale. So, several government agencies and tech companies have issued warnings about ongoing phishing attacks laden with malicious attachments and social engineering tactics.
In the beginning of February, Microsoft alerted users about the ongoing consent phishing (aka OAuth phishing) attack campaigns focused on remote workers and targeting victims in multiple repeated waves. The FBI has alerted businesses to beware of voice phishing attacks looking for login credentials of employees. The criminals are abusing VoIP platforms to launch vishing (voice phishing) attacks. The Internal Revenue Service (IRS) warned U.S. tax professionals about ongoing phishing attacks trying to steal Electronic Filing Identification Numbers (EFINs) of taxpayers. Moreover, Gmail users of United States were also alerted by Google about email-based phishing and malware attacks.
Phishing is the fraudulent attempt to obtain sensitive information or data, such as usernames, passwords and credit card details or other sensitive details, by impersonating oneself as a trustworthy entity in a digital communication. In recent times, cybercriminals are coming up with several new advanced tactics of phishing attacks. Therefore security experts suggest staying extra alert while receiving an email from an unknown sender. In addition, users should always check the address bar to vet the URLs, implement 2FA, and deploy an email gateway solution.