What is phishing?
Phishing is a cyberattack used to steal user data such as login credentials, account information and credit card credentials. It mostly occurs when an attacker, masquerading as a trusted entity, lures a victim into opening an email, instant message, or text message. The victim is then tricked into clicking a malicious link, which can lead to the installation of malware, the freezing of the system as part of a ransomware attack or leading them to fraudulent websites to deceive them into giving away confidential and sensitive information. In other cases, targets are contacted by telephone or other communication channels, with the same intention.
Phishing is one of the oldest types of cyberattacks, going back to the 90s, and is still one of the most popular and successful techniques used. One of the reasons is that it is far easier to trick someone into clicking a malicious link in a phishing email than it is to break into a computer’s defense system. Phishing targets to exploit the inattentiveness and carelessness of individuals and is therefore widely considered as social engineering.
Phishers use social engineering and other public sources of information, such as social networks like LinkedIn, Facebook and Twitter, to gather background information about the victim’s personal and work history, interests and activities. These sources are usually used to uncover names, job titles and email addresses of potential victims, as well as other additional information. This information can then be used to craft a believable email or message.
Around the world, phishing attacks are evolving, increasing in number, and both the techniques and messages are becoming more sophisticated. Even the world’s largest corporations aren’t immune and experience more than 1000 phishing attacks a month. That’s why we train your employees to be aware of phishing and teach them about the possible consequences.