Phishing - Techniques
1 Answer

1. URL (weblink) manipulation: URLs are the weblinks (i.e., Internet addresses) that direct the netizens/users to a specific website. In a Phishing attack, these URLs are usually supplied misspelled; for example, instead of www.abcbank.com, the URL is provided as www.abcbankl.com.

2. Filter evasion: This technique uses graphics (i.e., images) instead of text to keep such E-Mails from being netted by anti-Phishing filters. Normally, these filters are inbuilt into the web browsers. For example,

  • Internet Explorer version 7 has inbuilt "Microsoft phishing filter." One can enable it during the installation or it can be enabled post-installation. It is important to note that it is not enabled by default.
  • Firefox 2.0 and above has inbuilt "Google Phishing filter," duly licensed from Google. It is enabled by default.
  • The Opera Phishing filter is dubbed Opera Fraud Protection and is included in version 9.5+.

3. Website forgery: In this technique the phisher directs the netizens to a website designed and developed by him, to log in to the website, by altering the browser address bar through JavaScript commands. As the netizen logs into the fake/bogus website, the phisher gets the confidential information very easily. Another technique used is known as "cloaked" URL - domain forwarding and/or inserting control characters into the URL while concealing the weblink address of the real website.

4. Flash Phishing: Anti-Phishing toolbars are installed/enabled to help check the webpage content for signs of Phishing, but have the limitation that they do not analyze flash objects at all. Phishers use flash to emulate the legitimate website. Netizens believe that the website is "Clean" and is a real website because the anti-Phishing toolbar is unable to detect it.

5. Social Phishing: Phishers entice the netizens to reveal sensitive data by other means, and it works in a systematic manner:

  • Phisher sends a mail as if it is sent by a bank asking to call them back because there was a security breach.
  • The victim calls the bank on the phone numbers displayed in the mail.
  • The phone number provided in the mail is a false number and the victim gets redirected to the phisher.
  • Phisher speaks with the victim in a similar fashion/style to a bank employee, asking to verify that the victim is the customer of the bank. For example, "Sir, we need to make sure that you are indeed our customer. Could you please supply your credit card information so that I can verify your identity?"
  • Phisher gets the required details swimmingly.

6. Phone Phishing: Besides such attacks, the phisher can use fake caller ID data to make it appear that the call is received from a trusted organization, to entice the users to reveal their personal information such as account numbers and passwords.
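
An added example, not part of the original answer: a defensive link check for the misspelled-URL case in item 1 and the control-character "cloaked" URL in item 3. `TRUSTED`, `check_link` and the two-label domain comparison are assumptions made for illustration; abcbank.com is the answer's own placeholder name.

```python
import re
from urllib.parse import urlsplit

# Constructed allow-list (assumption); abcbank.com is the answer's placeholder.
TRUSTED = {"abcbank.com"}
# Raw or percent-encoded ASCII control characters anywhere in the link.
CONTROL = re.compile(r"[\x00-\x1f\x7f]|%[01][0-9a-f]|%7f", re.I)

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, two-row dynamic programme."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,               # delete from a
                           cur[j - 1] + 1,            # insert into a
                           prev[j - 1] + (ca != cb))) # substitute
        prev = cur
    return prev[-1]

def check_link(url: str, max_distance: int = 2) -> str:
    """Classify a link as 'trusted', 'unknown' or 'suspicious: <reason>'."""
    if CONTROL.search(url):
        return "suspicious: control character in URL"
    if "://" not in url:
        url = "http://" + url          # bare host such as www.abcbank.com
    host = (urlsplit(url).hostname or "").rstrip(".")
    if not host:
        return "suspicious: no host in URL"
    for good in TRUSTED:
        if host == good or host.endswith("." + good):
            return "trusted"
    # Naive registered domain: last two labels. Real code should use the
    # Public Suffix List so that names under co.uk etc. are handled.
    domain = ".".join(host.split(".")[-2:])
    for good in TRUSTED:
        if 0 < edit_distance(domain, good) <= max_distance:
            return f"suspicious: lookalike of {good}"
    return "unknown"

if __name__ == "__main__":
    for sample in ("https://www.abcbank.com/login",   # constructed samples
                   "www.abcbankl.com",
                   "http://www.abcbank.com%00.example.net/",
                   "https://example.org/"):
        print(f"{sample!r:45} -> {check_link(sample)}")
```

A check like this only covers links that arrive as text; it does nothing for the image-only mail described under filter evasion.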
