Phishing has exploded in recent years to become one of the world’s most common types of cyber attacks. A form of social engineering, it’s designed to trick victims into divulging sensitive information, such as login credentials to an otherwise protected system or database. There are different types of phishing attacks, however, each of which works in a different way. Below is a list of the five most common types of phishing attacks.
Spear phishing is a form of targeted phishing that’s directed at specific individuals or employees. Prior to performing a spear phishing attack, a hacker will first gather information about the victim to increase his or her chances of success. The hacker will then send a custom email to the individual or employee. Since the email is customized with the individual’s or employee’s information, he or she may perform the requested action.
Like spear phishing, whale phishing is a form of targeted phishing. The difference is that it exclusively targets high-ranking individuals, such as business owners and senior executives. It’s called “whale phishing” because it targets high-value individuals, who are known as “whales.” Business owners and senior executives often have higher privileges than other employees, so hackers target them with whale phishing.
There’s also catphishing. Catphishing is a form of social engineering in which a hacker attempts to create a personal connection with an individual or employee so that he or she can target them with a phishing email. A hacker, for instance, may send the victim a friend request on social media. After becoming friends with the victim, the hacker will then communicate with the victim to earn his or her trust.
Another common type of phishing is clone. Clone phishing is defined by the use of an altered but otherwise legitimate email to device the victim into divulging sensitive information. When performing a clone phishing attack, the hacker will take a legitimate email and “clone” it. The cloned email will then be altered so that it can trick the victim.
SMS phishing, as you may have guessed, is a form of phishing that uses mobile text messages. Like all other forms of phishing, it’s designed to trick victims into divulging sensitive information. SMS phishing is unique because it specifically uses mobile text messages as the communications platform. A hacker may send a victim a mobile text message asking him or her to visit a website. Upon visiting the website, the victim may inadvertently divulge sensitive information to the hacker.
#phishingattacks #5types #needtoknow