$20 Bonus + 25% OFF
Securing Higher Grades Costing Your Pocket? Book Your Assignment at The Lowest Price Now!

Phishing Is A Social Engineering

tag 0 Download11 Pages / 2,619 Words tag Add in library Click this icon and make it bookmark in your library to refer it later. GOT IT


What is the Phishing is a Social Engineering ?

Answer :


Phishing is a social engineering activity of luring internet users into using or clicking certain computer links in a site, emails or other web pages sites. The cybercriminal uses this means in order to obtain sensitive information of a target such as passwords, usernames, and credit cards numbers for malicious intentions by pretending to be entrusted entity.

For instance, an attacker can perform an email phishing by sending an email that appears to be sent from one of the user’s bank. The attacker engages trustworthy of the victim by pretending to be that bank. The email may contain an information about some pending account in-activity that the users need to send sensitive details about his account for him to be activated. When the user sends the details, the attacker obtains the bank details and uses to access users bank account.

Phishing Techniques

Phishing attackers uses the following techniques to attack the victims using below phishing types: (Ramzan, 2010)

  • Spear phishing

This is phishing attempt always directed to the target victim where the victim can be an individual, organisation or a company. Attackers gathers sensitive or crucial information that will perfect the attention of the victims when sent to them. This technique is the most successful one.

  • Clone phishing

This type of phishing always takes advantage of sent emails that are sent to the recipients. Attackers take advantage of mails that contains attachment or links. The attackers obtains the same mails and edit them and create almost identical mails and send them to the earlier recipient address. The mail contains malicious content but the recipient won’t realize whether that the mail has bad intention, they only think that the same sender may be sent an updated mail or sent another mail to counter any loss of delivery.

  • Whaling

This type of phishing targets senior executives and senior heads in an organisation or a business. The form or way used to attack takes an executive form in a way that it will capture senior managers or workers attention. The information sent may be in form of a customer complaint form that will lure in the senior manager to open the info or link hence sending sensitive information to the attacker without realisation.

  • Link manipulation

The phishers use mails or websites for their targets. They add links to the websites which hold sensitive business activities and embed misspelt urls that appears to be correct if the user is not very keen. The user may click the link and be redirected to an alike webpage comprising almost the same details / information. The user may end up providing login details without realising he has just sent the details to the attacker.

  • Filter evasion

Phishers started using images to evade anti-phishing filters where they hide the text behind the image. Although some techniques have been devised to detect phishing texts in images and even when the texts are rotated, the phishers continues to attack various victims of website and email users.

  • Website forgery

The phishers enters a website for spoofing. When they get into the site, they make use of JavaScript to lure users to activate some commands while in background they change the address bar without the user noticing. The user may end up being redirected to another web page but with same look like the earlier web page. The user may be prompted to login especially if the web page is a web application and the attacker wants to obtain login credentials of the victim. The attackers always attack sites like bank web application and at once PayPal was once attacked.

  • Covert redirect

This is a trick used by attackers that provide links that appear legitimate to the users. The links may be popups that requires users to login to their sensitive accounts while the attackers have used them to capture sensitive details.

  • Phone phishing

The attackers uses the voice phishing to attack the victims. The phishers can send a fake message containing sensitive information that will capture victim’s attention. The message may be framed to have come from a recognised organisation like a bank. Victim may be prompted to enter pin without realising that massage has a fake ID source. Therefore the attacker will obtain user’s sensitive details and use them for malicious activities.

Phishing Success

What makes the phishing to become more and more success is due to human nature which is tough to overcome. The phishers are taking advantage of human nature and post information that will always capture victim attention. For instance, the phishers can send a love bug or health advises that has key information to be ignored by the victim.

While the technologists are increasingly devising control measures for anti-phishing, the phishers are becoming cleverer. They are using super phishers to hack and spoof information. They can hide the phishing links that goes un-noticed by phishing detectors.

The main success of the attackers is how currently they can protect themselves from being noticed. Like earlier days where they could redirect victims using links to fake sites and prompt users to enter some details like the login credentials, currently the victim just clicks the links and activates a background rogue codes that exploit victim computer without user noticing. This may lead to installation of ransom ware into victim’s computers without victim consent.

The phishers also take advantage of users unaware of the victims especially if the victims are not expecting phishers to have interests in their sensitive details.

Tools used by phishers

Phishers have variety of tools readily available to them that makes their attacks a success. These tools can be used to perform various functions like mail delivery, website spoofing and phishing malware embedment.

These are the list of those tools used:

  • Botnets

Bots are programs that reside in a computer and provide remote controls through various protocols. When many bots are controlled from one control they make a botnet. Botnets are controlled in way that they can be used to cause an attack to certain computer targets. When a computer becomes a bot, it can be used to send a malicious mail, cause other web browsers users to be redirected into malicious web pages, install additional malware to itself, cause surveillance to other computers sensitive details and more other illicit activities.

Bots can be redistributed through file sharing and mailings.

  • Phishing kits

The phishers have become more ready through use of readily available kits which contains set of equipment that can be used perform an attack. The kit contains set of ready bots, hosting domains that have assurance of not been closed off or detected (Roberts, 2004), list of servers which can be targeted and more so famous sites and organisation details that an attacker can use to attack. In current days, the developers of these kits don’t sell them, in fact they spend time in advancing these bots and making newer versions of bots that can be downloaded by interested phishers for free (Sophos, 2000). The technology needed to perform an attack has been made readily available by the kit providers hence more attacks are continuing to happen

  • Technical deceit

As the internet users have become more aware of the detection of phishing codes and links, the attackers have engaged in more tricky ways of performing their attacks. They make counterfeit websites that cannot be noticed by the internet users while redirecting.

  • Session hijack

Phishers have been waiting for internet users to log in to web applications and become men in the middle. They capture ones IP address and fake Mac address and pretend to be the original owner of the authentication credentials. They do this until they capture all sensitive details that will help them perform a fraudulent attack without users prior knowledge since they forward the messaging signals to the server on behalf of the owner. They act as the first destination of senders signal and as the first receivers of servers signals been sent to the user.

  • Abuse of Domain Name Service (DNS)

Phishers have using the domain name service exploits where they pretend to be the said url name while the IP address of the address is fake. They do this to gain users trust without user’s prior knowledge.

  • Phishing specialized malware

Technologists have made bots that readily are available to the phishers. These malwares are designed for spying and illicit operations between the affected computers. The bots can be used for spying in a certain computers details and even send those details to the main control and obtain sensitive data for malicious gain.

Organisation Concerns

As the phishing has become more and more successful and affecting organization to negativity through spear phishing, the organizations are concerned more on how to counter the attackers. Spear phishing has been used to perform large cyber-attacks leading to large money loss in organizations.

The spear phishing has impacted negatively to the affected organizations. For instance, most of those organization reported to have been attacked, they have experienced:

  • Big money loss
  • Decrease in stock sales

For those two main losses, the attackers used malwares to obtain authentication details and obtained organisation sensitive information.

The attackers have been using emails to counter victims trust.

The attackers always targets the finance and IT staff who always hold sensitive details about money or authentication credentials for an organisation.

The main negative impacts of phishing to an organisation are as follows: (Van der Merwe, 2005)

  • Decreased employees productivity
  • Financial losses
  • Organisation reputation damage
  • Decreased stock prices

The organisation has used various technologies to prevent themselves from phishers. The techniques they use are:

  • Secure email gateway
  • Secure web pages gateway
  • Url filtering
  • Data leaking protection
  • file solution sandboxing

Current and Future Trends of Phishing

Currently phishing is becoming more and more prone affecting many organization leading to losses. The phishers are cleverer than before. They have devised phishing techniques that cannot be easily noticed. The phishers have taken advantage of human nature in a way they easily afford human attention by gaining their trust. The phishers are forging sites and e-commerce accounts in a way that site users are hard to realise that the sites are spoofed. As the technology advances, the phishers are devising more and more tricky spams which are hard to be detected by anti-phishing software. The speed at which hackers are devising new phishing techniques is super-exceeding the technology used to make new phishing control measures. (APWG, 2004)

The future of phishing is to hack many sites, banks and e-commerce sites without any complexity. This will lead to collapse of businesses if technologists don’t speed up their techniques of devising control measures.

Phishing has taken advantage of research survey where the internet users can be tricked to fill some phone or bank details so as to capture victim sensitive information.

Other phishers are using trick games which always appear as a pop up where the victim is deceived to have won a gift but at the end the victim is issuing his authentication details pertaining a bank or other financial institution like the master cards.

The following key points goes with the current trends in phishing:

  • Social engineering components

Phishers are using social engineering techniques to trick the internet users to click a link and activate malicious codes by finding vulnerabilities. The attackers embed the codes in emails and websites that are common to the users and which contains sensitive information especially details of banks and e-commerce. The phishers make the codes in a way that it is hard to be noticed by the victims. This codes when activated, they run in background of victim’s computer and performs spying activities which can capture users’ usernames and passwords in the browsers and emails.

  • Common tools and infrastructure

Phishers has been using common infrastructure to attack the internet users. They use websites, bot nets and mails to host phishing sites and malicious software.

  • The big idea

The main trend now is that the websites hosting companies are ensuring the clients’ websites have been configured with anti-phishing technologies to prevent phishers from spoofing. As well the law and the government should ensure that the criminals and hosting companies of phishing sites are taken into courts and be prosecuted for committing this kinds of crimes

Phishing Control and Avoidance

For phishing control in organisations, the staff should be warned, made aware, trained and be given reinforcing messages in day to day to counter attackers techniques. (Ramzan, 2010)

  • Awareness and education

Even though awareness is not enough, the web pages and other sites should be incorporated with anti-phishing programs that can detect phishing links and remove them immediately.

In addition, the organization can filter phishing emails or web pages in a network before reaching to the staff.

The best phishing defensive mechanism is:

  • If any link is sent to your email and the link is requesting you to send your login credentials, ignore the mail as a spam.
  • If the mail sent is suspected to be a scam, just read the mail between the lines and don’t click any link in that mail. You can inspect the link by typing in into your browser and see what that link contains but don’t click it in your email.


  • Strong authentication practices

Two factor authentication can be used to provide users with a hardware token that keep on changing after every logins. The attacker won’t be able to use the credentials since the details keeps on changing.

  • Virus, spyware and spam prevention

Anti-malware have been implemented to prevent users against suspicious codes used by the phishers. These products are always enabled and updated to provide maximum protection.

  • Targeting hosting sites

The law can be used to suppress the hosting sites sending phishing mails or codes and hence be shut down. The practice should be done previously as the phishers keep on devising new hosting sites.


Though there has been techniques and measures used to counter phishing, the technology should be improved to counter the phishing to zero tolerance. The measures that can be recommended is:

  • Continued awareness and education to the public and staff on issues pertaining the phishers and new techniques used by the phishers.
  • The organisation should have a foresight of their sites or emails about an information that might be at risk. This helps to counter any vulnerability by the phishers to attack the sites.


Since phishing is profitable activities to the attackers, the phishers are becoming more and more intelligent in using technology for their profit gains. Organisation should involve themselves in creating awareness to their staff and public to counter the phishers. New and advanced technologies are been devised to keep off the phishers. Phishers can lead to an organisation collapse.



Ramzan, zulfikar. “Phishing attacks and countermeasures”. In stamp, Mark & Stavroulakis, Peter. Handbook of information and communication Security. 2010, Springer ISBN 9783642041174

Van der Merwe, A.J, Loock, M, Dabrowski, M. (2005), Characteristics and Responsibilities involved in a Phishing Attack, Winter International involved in a Phishing Attack, Winter Symposium on Information and Communication Technologies, January 2005, Cape Town.

Anti-Phishing Working Group. Phishing Activity Trends Report, March, 2017.
Anti-Phishing Working Group. Phishing Activity Trends Report, March 2017. Retrieved 3March 30, 2017 from

McWilliams, Brian. “Cloaking Device Made for Spammers.” Retrieved March 30, 2017 from,1367,60747,00.html.  

“Do-it-yourself phishing kits found on the internet, reveals Sophos”. Retrieved March 30, 2017 from

Download Sample

Get 100% money back after download, simply upload your unique content* of similar no. of pages or more. We verify your content and once successfully verified 100% value credited to your wallet within 7 days.

Upload Unique Document

Document Under Evaluation

Get Credits into Your Wallet

*The content must not be available online or in our existing Database to qualify as unique.

Cite This Work

To export a reference to this article please select a referencing stye below:

My Assignment Help. (2018). Phishing Is A Social Engineering . Retrieved from

"Phishing Is A Social Engineering ." My Assignment Help, 2018,

My Assignment Help (2018) Phishing Is A Social Engineering [Online]. Available from:
[Accessed 06 July 2020].

My Assignment Help. 'Phishing Is A Social Engineering ' (My Assignment Help, 2018) <> accessed 06 July 2020.

My Assignment Help. Phishing Is A Social Engineering [Internet]. My Assignment Help. 2018 [cited 06 July 2020]. Available from: is one of the noted service providers that deliver essay help. We provide tailored essay assistance to make sure that student gets online essay help exactly in the way they want it to be written. We at have built teams of consultants, who readily attend every query related to help me writing my essay. We provide essay writing help in forms of tips and steps in order o assist students with tough essay assignments.

Latest It Write Up Samples

ITECH7401 Leadership In IT Project Management

Download : 0 | Pages : 3
  • Course Code: ITECH7401
  • University: Federation University
  • Country: Australia

Answer: Budget Estimate and Financial Analysis The Return on Investment (ROI) is 125.10%, which is higher than the required ROI of twenty-five per cent. Thus, the report concludes that this project will be beneficial Port Fairy Caravan and Camping Park Pty Ltd. Year 0 1 2 3 Total Inflows (Income) 0 90000 130000 150000 370000 Outflows (Expenses) -90000 -2000...

Read More arrow Tags: Australia Riverwood 7 Leadership in IT Project Management Federation University 

MAN6910 Business Process Management

Download : 0 | Pages : 5
  • Course Code: MAN6910
  • University: Edith Cowan University
  • Country: Australia

Answer: Issue register Name of issue Patient waiting too long to register Priority 2 Description When the patients visits the hospital, the new patients are required to be registered first for gaining the treatment in the hospital. Data and assumption Over 20% of the patients who are visiting the hospital are raising the issue of extensive waiting time and longer duration for which treatmen...

Read More arrow Tags: Australia Ashgrove 7 business process management Edith Cowan University 

ITC563 IT Management Issues

Download : 0 | Pages : 10
  • Course Code: ITC563
  • University: Charles Sturt University
  • Country: Australia

Answer: Introduction: In the current aspect the Globex Corporation is a big organization in Australia which has been formed due to the merging of two large regional business which are B T & Sons Farming Equipment and Riverina Precision Farming. Currently, the Globex Corporation is located in three different locations, which are the Albury, Wagga Wagga and Griffith. The Globex Corporation currently handles two types of businesses which are...

Read More arrow Tags: Australia 7 it management issues Charles Sturt University 

ENS2108 Mechanical Science

Download : 0 | Pages : 2
  • Course Code: ENS2108
  • University: Edith Cowan University
  • Country: Australia

Answer: Internet Invention to be commercialized for bringing to the Market Internet is considered as one of the biggest boons of technology and it provides knowledge of technological advancements to its users.  Internet is responsible for providing the most advanced and updated technological products and services to their users. This invention can be commercialized for bringing it to the market by inclusion of different products. One ...

Read More arrow Tags: Australia 7 Mechanical Science Edith Cowan University 

C000105 Bachelor Of Information Technology

Download : 0 | Pages : 12
  • Course Code: C000105
  • University: Macquarie University
  • Country: Australia

Answer: Dark Net The term Dark Net refers to the computing network that uses a unique customized interaction protocol in order to manage the confidentiality of sensitive data. The key concept of Dark Net is to deliver a secure communication network to the companies so that the communication gaps and security problems can be managed. In this era, the rate of cyber-crime is growing quickly and most of the communities worldwide are suffering fro...

Read More arrow Tags: Australia Sydney 7 Bachelor of Information Technology Macquarie University 

Save Time & improve Grade

Just share Requriment and get customize Solution.

We will use e-mail only for:

arrow Communication regarding your orders

arrow To send you invoices, and other billing info

arrow To provide you with information of offers and other benefits




Overall Rating



Our Amazing Features


On Time Delivery

Our writers make sure that all orders are submitted, prior to the deadline.


Plagiarism Free Work

Using reliable plagiarism detection software, only provide customized 100 percent original papers.


24 X 7 Live Help

Feel free to contact our assignment writing services any time via phone, email or live chat.


Services For All Subjects

Our writers can provide you professional writing assistance on any subject at any level.


Best Price Guarantee

Our best price guarantee ensures that the features we offer cannot be matched by any of the competitors.

Our Experts

Assignment writing guide
student rating student rating student rating student rating student rating 5/5

134 Order Completed

95% Response Time

Thomas Nelson

MS in Information Systems Technology with Specialization in Database Administration

New Jersey, United States

Hire Me
Assignment writing guide
student rating student rating student rating student rating student rating 5/5

752 Order Completed

100% Response Time

Hugh Cleave

Masters in Human Resource Management (MMgt, HRM)

Wellington, New Zealand

Hire Me
Assignment writing guide
student rating student rating student rating student rating student rating 5/5

230 Order Completed

97% Response Time

Liya Han

Master Of Science in Geotechnical Engineering (MSc Geotec)

Singapore, Singapore

Hire Me
Assignment writing guide
student rating student rating student rating student rating student rating 5/5

265 Order Completed

97% Response Time

Ken Campbell

MSc in Electrical Engineering

Wellington, New Zealand

Hire Me

FREE Tools


Plagiarism Checker

Get all your documents checked for plagiarism or duplicacy with us.


Essay Typer

Get different kinds of essays typed in minutes with clicks.


GPA Calculator

Calculate your semester grades and cumulative GPa with our GPA Calculator.


Chemical Equation Balancer

Balance any chemical equation in minutes just by entering the formula.


Word Counter & Page Calculator

Calculate the number of words and number of pages of all your academic documents.

Refer Just 5 Friends to Earn More than $2000

Check your estimated earning as per your ability




Your Approx Earning

Live Review

Our Mission Client Satisfaction

I received full marks. So happy with the service. Will definitely come back for future assignments.


User Id: 411395 - 06 Jul 2020


student rating student rating student rating student rating student rating

the work was completed before the time in a professional manner. Thanks to the team.


User Id: 450130 - 06 Jul 2020


student rating student rating student rating student rating student rating

100 grade , perfect paper ,i am very happy to work with great expert. Thank you


User Id: 353631 - 06 Jul 2020


student rating student rating student rating student rating student rating

it is done, I just want to thank you for this assignment, your help is very important, I really appreciate, good job!


User Id: 265909 - 06 Jul 2020


student rating student rating student rating student rating student rating
callback request mobile
Have any Query?