Some examples of phishing attacks


Phishing is a type of social engineering that is usually achieved through the sending of deceptive emails or text messages. From "Nigerian princes" to the Apple or Windows help center, these messages can appear to come from anywhere, especially from companies or organisations that a typical internet user would implicitly trust.

The common goal of phishing is to elicit a response from the target, whether that be clicking a link, downloading a shady executable, or giving out personal information over email. One common example is an email sent from what may look like the bank you do business with, asking you to reset your password. They may provide a link for you to click that will take you to a pretty good replica of what your bank's website actually looks like, where you enter your old credentials and then a new password. There may not be an obvious or immediate consequence to resetting your password this way--the attacker may even forward the new password to your real bank and reset it for you--but now an unknown entity has your password details and access to your bank account, which is clearly a problem.

This sort of ruse can happen with any account you have, so it's very important that you double check the sender of all emails and be wary of any links or file attachments you receive online. The best defense against this sort of attack is to be cautious with all the messages you receive. It's better to be overly suspicious of everything and keep yourself safe than to trust the vast anonymous cyber-scape and wind up getting burned.
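The "double check the sender and the links" advice above can also be automated. The Python sketch below is an added example, not part of the original page: the trusted domain bank.example, the sample message and the function names are all made up for illustration. It flags a sender whose real domain is not one you trust, and links whose visible text names one site while the link leads to another.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumptions: TRUSTED is a placeholder allowlist; SAMPLE is a constructed message.
TRUSTED = {"bank.example"}
SAMPLE = """\
From: "Example Bank Support" <security@bank.example.reset-portal.test>
Content-Type: text/html

<p>Reset your password here:
<a href="http://login.reset-portal.test/reset">https://www.bank.example/reset</a></p>
"""

def registered(host):
    # Crude "last two labels" domain; a real check would use the Public Suffix List.
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

class LinkCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def check_message(raw):
    msg, findings = message_from_string(raw), []
    # The display name is free text; only the domain after the last "@" counts.
    sender = registered(parseaddr(msg["From"])[1].rpartition("@")[2])
    if sender not in TRUSTED:
        findings.append(f"sender domain {sender} is not trusted")
    collector = LinkCollector()
    collector.feed(msg.get_payload())
    for href, text in collector.links:
        target = registered(urlparse(href).hostname or "")
        if target not in TRUSTED:
            findings.append(f"link leads to untrusted domain {target}")
        shown = registered(urlparse(text).hostname or "") if "://" in text else ""
        if shown and shown != target:
            findings.append(f"link text shows {shown} but leads to {target}")
    return findings
```

In the sample, the trusted name appears at the start of the sender's address and in the link text, but the part that actually decides where the mail came from and where the link goes is reset-portal.test.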

Types of phishing - there's more than one!

Classic Phishing

Casting a wide net and seeing who gets caught in it by sending out a mass email or text.

A malicious email, text, or phone call that imitates a source of trust (friend, company) in order to gain information (passwords) or monetary value (gift cards, money).

Spear Phishing

Targeting a specific person and tailoring a phishing message to what they might respond to. This is phishing that is designed to target one individual or a small group.

What's up next?

Take a look at our sample presentation:

Phishing Website sample