“What is every Hacker’s weekend getaway? They go Phishing” - Punny Leone
The frequency and intensity of interaction of people across online platforms has increased by leaps and bounds.
The other party in this process of interaction is often institutions and individuals, with whom we may not have interacted on a physical basis.
This implies that this virtual interaction is based on mutual trust by which we are able to assume that the other party shall secure our interest.
However, what happens if that trust is unduly taken advantage of by a cyber criminal? The result can seriously hamper our interest and might even dupe us into downloading malware, revealing sensitive data and so on. This forms the crux of the answer to the question of what is Clone Phishing in Cyber Security.
In this blog, we shall try to look at what is Clone Phishing. In addition to the Clone Phishing definition, we shall look at the features and types of Clone Phishing Attacks.
Subsequently, we shall make sense of Clone Phishing Examples, ways to detect a Clone Phishing Attack as well as what does Clone Phishing mean in terms of its prevention strategies.
What is Clone Phishing in Cyber Security?
In this section, we shall look at what is Clone Phishing, Clone Phishing Attack as a prominent Cyber Security Attack.
As the name suggests, Clone Phishing involves the act of cloning or replicating. The attacker replicates/clones a legitimate email message, verbatim, from a trusted organization or business.
The hacker intercepts a genuine email and simply alters it by adding or replacing a malicious link which redirects the user to a fake or malicious website.
The email copy might even contain malicious attachment which might result in direct download of malware.
Clone Phishing is executed via a spoofed email sent from a location outside an organization. Cyber criminals exploit the tactics of display name spoofing for adding the touch of legitimacy to a cloned email.
The cloned email is directed to a large number of targeted individuals and the attackers keep a close eye on those who happen to click the links embedded.
When any individual falls prey to the attack, the hacker is able to acquire access to the contacts from the victim’s inbox and forward the same forged email to all those individuals too. The frequency of these clone phishing attempts is alarmingly high, making it more imperative for individuals and organizations to be vigilant.
Clone Phishing Definition: Its Features
In this section, we shall look at what does Clone Phishing mean in terms of its fundamental features.
- The attacker creates a duplicate/cloned copy of a legitimate email
- The spoofed email address will seem to have emanated from a legitimate source
- The replicated email contains malware downloads or links which redirects user to malicious websites
- The spoofed email is deliberately made to appear as a revert of the original email or an updated version of the original email