Phishing is a type of social engineering attack often used to steal user data, including login credentials and credit card numbers. It occurs when an attacker, masquerading as a trusted entity, dupes a victim into opening an email, instant message, or text message. The recipient is then tricked into clicking a malicious link, which can lead to the installation of malware, the freezing of the system as part of a ransomware attack or the revealing of sensitive information. This article will talk about the types of phishing techniques and the prevention.
Phishing techniques
Here’s a brief look at five common phishing threats that often arise in enterprise settings. Each example features “Bob,” a mid-level employee in the finance department who is trying to get through his busy day and respond to hundreds of emails.
Breach of Trust – Bob gets an email from what he thinks is his bank asking him to confirm a wire transfer. The email takes him to a link that looks like his bank’s website but it is actually a “spoofed” but identical copy of his bank’s website. When he gets to the page, he entered his credential but nothing happened. Too late, Bob just gave his bank password to a cybercriminal.