Phishing Definition
Phishing is a common type of cyber attack that targets individuals through email, text messages, phone calls, or any form of communication. A phishing attack aims to trick the recipient into falling for the attacker’s desired action, such as revealing financial information, system login credentials, or other sensitive information. Many are used to confirm an email address or a telephone number.
As a popular form of social engineering, phishing involves psychological manipulation and deception whereby threat actors masquerade as reputable entities to mislead people into performing specific actions. These actions often involve clicking links to fake websites, downloading and installing malicious programs, or divulging private information, like name, address, bank account numbers or credit card details.
Since the mid-1990s, the term “phishing” has been used to identify hackers who use fraudulent emails to “fish for” information from unsuspecting users. However, phishing attacks have become increasingly sophisticated and are now broken down into different types, including email phishing, spear phishing, smishing, vishing, and whaling. Each type is characterized by specific channels and methods of execution – email, text, voice, social media, etc. – all with a similar underlying intentions.