Phishing 😈

What it is, subtypes like Spear-phishing, and how to protect against it

7 min read · Apr 21, 2025

Phishing is a type of scam in which the attacker disguises himself/herself as a trustworthy entity to make the victim perform an action. For example, the attacker could present himself as your bank, asking for your password. Typically, this is done via email or SMS.

Phishing belongs to the larger group of social engineering attacks. In social engineering, the weak points being exploited are not technical in nature; they are the people within the system.

After reading this article, you will know what phishing is. You will know several sub-types of phishing and how to prevent those attacks from affecting your organization. Let’s go!

Sub-Types of Phishing

In spear-phishing attacks, the attacker has a very specific target. In contrast to regular phishing attacks in which they just want to scam anybody, in spear-phishing they want YOU. This means the attacker will prepare for you. The attacker will know the names/habits of trustworthy people in your environment. If a spear-phishing attack targets an executive, it’s also called whaling.

In catphishing (or catfishing) attacks, the attacker builds a close personal relationship with the victim.

Martin Thoma
Written by Martin Thoma

I’m a Software Engineer with over 10 years of Python experience (Backend/ML/AI). Support me via https://martinthoma.medium.com/membership
