What is phishing?
Phishing is an attempt by cybercriminals posing as legitimate institutions, usually via email, to obtain sensitive information from targeted individuals.
Types of phishing:
- Spear phishing targets a specific group or type of individual such as a company’s system administrator. Below is an example of a spear phishing email. Note the attention paid to the industry in which the recipient works, the download link the victim is asked to click, and the immediate response the request requires.
- Whaling is an even more targeted type of phishing that goes after the whales – a marine animal even bigger than a fish. These attacks typically target a CEO, CFO, or any CXX within an industry or a specific business. A whaling email might state that the company is facing legal consequences and that you need to click on the link to get more information. The link takes you to a page where you are asked to enter critical data about the company such as tax ID and bank account numbers.
Smishing is an attack that uses text messaging or short message service (SMS) to execute the attack. A common smishing technique is to deliver a message to a cell phone through SMS that contains a clickable link or a return phone number.
- Vishing has the same purpose as other types of phishing attacks. The attackers are still after your sensitive personal or corporate information. This attack is accomplished through a voice call. Hence the “v” rather than the “ph” in the name.
Please click the link to watch the short video below:
